New - Passkey logins

:tada: Announcement for our lovely forum users: You can now add a passkey to your account by navigating to your User Preferences → Security page.

After adding a passkey to your account, you will be able to sign in to the forum without a username and password, with the “Sign in with a passkey” button:

Notes:

  1. Signing in with a passkey bypasses two-factor authentication on your account when logging in. If you want to always require a password and a security key, you should not add a “passkey” to your profile; you should only add a security key in your “Two-Factor Authentication” settings.
  2. You cannot disable password logins after adding a passkey. You can prevent password logins from accessing your account without a security key by additionally adding a security key in your “Two-Factor Authentication” settings.
19 Likes

I tried to add a passkey with my YubiKey, but I am getting this error.

Although I could register a passkey using the Bitwarden extension easily, I wondered why it won’t work with my physical security key.

While passkeys use the same technology (FIDO2), they are not the same; they’re treated differently by your browser and OS.

1 Like

In what browser?

1 Like

I tried to create a passkey on my Google account with my physical security key using the same browser and OS, and it worked.
There seems to be some other issue relating to the website's implementation of passkeys.
Though I would like to know more about how passkeys are technically different from WebAuthn.

I’m able to add a Yubikey as a Passkey here on the forum in a Chromium browser.

1 Like

I tried with Brave; maybe I should try with Firefox.

I have the same issue. Using Firefox on iOS. It works on Safari though.

Works fine for me on Brave and Librewolf using Bitwarden to store the passkeys.

adding passkey OK
login with passkey OK
sign up with passkey KO

same behavior on 3 browsers:
Firefox 119.0.1 with 1Password 2.15.1
Chrome 119.0.6045.124 with 1Password 2.17.0
Brave 1.60.114 with 1Password 2.15.1

1 Like

How would someone who signed up with the SimpleLogin option enable a passkey, as it asks for a password and there’s none with OAuth?

You’d have to set a password and switch to local authentication in order to use a Passkey or enable two-factor authentication here.

Works well in Firefox, with Bitwarden extension.

2 Likes

Why is it not possible to create an account with just a Passkey, without a password? Is this some kind of limitation of Passkeys?

Setting a password has been a standard part of the sign-up process for all forums for years. And passkeys are relatively new, so they may not be offering it as a default option yet at the time of sign-up. A password is set to make it kind of a backup method to log in, since not all may be comfortable using passkeys every time.
I don’t think it's a limitation of passkeys, since we can log in without a password easily; it's just that the current process followed is different.

I don’t think there’s any technical reason you couldn’t make a Passkey-only authentication method; I think Discourse just chose not to implement it for whatever reason. Not sure what that reason is.

I hope Passkey-only authentication will be a thing at some point. I don’t see a point in Passkeys if I still have to generate and store passwords. Getting rid of them entirely would be amazing, though.

1 Like

Possible future improvements

Once the initial rollout of the feature is complete, we may consider making the following improvements:

  • Allow setting up a passkey on account creation
  • Allow passkeys to be used when confirming sensitive actions (currently supported in the Security tab of User Preferences but not in some admin-only screens)

Turns out Discourse developers are possibly planning on allowing registration with passkeys instead of passwords.

Same here on Brave. Same error as you have.

However, if I go to
https://demo.yubico.com/webauthn/
the registration of the key goes smoothly.

Same on GitHub, no errors.

I’ve noticed the same error on https://forwardemail.net/
so I assume maybe there is some shared implementation which blocks the real YubiKey on Brave?