Describe the Feature
WebAuthn is the nifty little feature that sites like Kayak, Amazon, Instagram, Google and others allow for folks to use device or software based authenticators to sign in without having to remember a password (could be password-backed, I use Bitwarden's passkeys in conjunction to Yubikeys. Blacksky already provides 2FA with e-mail (great and way more secure than SMS) but passkeys save a wee bit of time since it's all handled in the browser or device.
I'm curious to know how open of a contribution of this sort would be to the project. I already started looking into it and will link my branch on my fork later this week but if it's on a (private?) roadmap, I'd wouldn't want to overstep too much.
Attachments
No response
Describe Alternatives
Tangentially, it's one less thing to manage if folks opt to keep using e-mail 2FA. An alternative would be TOTP (or worse, HOTP).
Additional Context
No response
Describe the Feature
WebAuthn is the nifty little feature that sites like Kayak, Amazon, Instagram, Google and others allow for folks to use device or software based authenticators to sign in without having to remember a password (could be password-backed, I use Bitwarden's passkeys in conjunction to Yubikeys. Blacksky already provides 2FA with e-mail (great and way more secure than SMS) but passkeys save a wee bit of time since it's all handled in the browser or device.
I'm curious to know how open of a contribution of this sort would be to the project. I already started looking into it and will link my branch on my fork later this week but if it's on a (private?) roadmap, I'd wouldn't want to overstep too much.
Attachments
No response
Describe Alternatives
Tangentially, it's one less thing to manage if folks opt to keep using e-mail 2FA. An alternative would be TOTP (or worse, HOTP).
Additional Context
No response