peeringdb / peeringdb

Server code for https://www.peeringdb.com/
BSD 2-Clause "Simplified" License

Passkey support for login #1584

Open Diosbejgli opened 1 month ago

Diosbejgli commented 1 month ago

Is your feature request related to a problem? Please describe.

Please add Passkey support for login purposes. This would allow users to replace their passwords with passkeys that are based on asymmetric cryptography instead of a static string.

I'm aware that 2FA is already supported but passkeys are not replacing 2FA, they are replacing passwords. I'm also aware that you can technically create a passkey on the website under "Security keys" and enable password-less login, but native passkey support would be more straightforward and improve adoption.

Based on FIDO standards, passkeys are a replacement for passwords that provide faster, easier, and more secure sign-ins to websites and apps across a user’s devices. Unlike passwords, passkeys are always strong and phishing-resistant. Passkeys simplify account registration for apps and websites, are easy to use, work across most of a user’s devices, and even work on other devices within physical proximity.

Who is affected by the problem?

Everyone

What is the impact?

Currently users have to rely on a static password to log in; with passkeys they could use a cryptographic key with biometric protection to sign in.

Are there security concerns?

Passkeys are more secure than the currently implemented password-based logins.

Are there privacy concerns?

Password stuffing could potentially lead to unwanted information exposure.

Describe the solution you'd like

The PeeringDB website to support logins using Passkeys. The login form should offer the user to use a Passkey for logging in or automatically detect the presence of it and offer to use it. GitHub does this already.

Do you think this feature will require a formal design?

N/A

Describe alternatives you've considered

N/A

Could this feature request need support from the Admin Committee?

N/A

What is the proposed priority?

Medium priority as there's no immediate impact; however, it's low-hanging fruit to improve UX and security.

Provide a rationale for any/all of the above

This would make it easier and more secure to log in to the PeeringDB website.

Additional context

https://passkeys.dev/
https://fidoalliance.org/passkeys/

grizz commented 1 month ago

+1

jackcarrozzo commented 1 month ago

+1

martinhannigan commented 1 month ago

+1

On Thu, Apr 4, 2024 at 12:13 Jack Carrozzo @.***> wrote:

+1
