search

keepassxreboot / keepassxc

KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
https://keepassxc.org/
Other
20.04k stars 1.42k forks source link

[Passkeys] Terminology incorrect #10403

Open timcappalli opened 3 months ago

timcappalli commented 3 months ago

Overview

There are a few places where terminology around passkeys are not quite correct in both the browser extension and native app.

At the highest level, "Passkey" isn't a protocol, it is a noun. Proper use includes: "a passkey" or "passkeys". As it is a noun, it is never capitalized (outside of normal capitalization rules for nouns) and is never used by itself.

For the flows, typically "Save" or "Create" are used when creating a passkey.

Steps to Reproduce

Places I've noticed this terminology:

Extension settings

image
  1. "Enable passkeys"
  2. "Enable passkeys fallback"
  3. "When enabled, a failed or canceled request to KeePassXC will trigger the browser's own internal passkeys request."

Native App Settings

Browser Integration > Advanced

  1. "Allow using localhost with passkeys"

Registration prompt

image
  1. it should be "a passkey"
  2. The terminology typically used across passkey providers and RPs is either "save" or "create", so I'd suggest this should read "Do you want to save a passkey for:" and the button be "Save"

Authentication prompt

image
  1. Recommend the text say: "Use a passkey to sign in to:"
  2. Users don't typically know what "Relying Party" means. The origin is typically enough context.

Context

KeePassXC - Version 2.7.7 Revision: 68e2dd8

Qt 5.15.11 Debugging mode is disabled.

Operating system: macOS 14.4 CPU architecture: arm64 Kernel: darwin 23.4.0

Enabled extensions:

Cryptographic libraries:

varjolintu commented 3 months ago

Got it. I'll make the changes to KeePassXC side after all the fixes have been merged.