I implemented support for Passkeys and WebAuthn on a recent OSS project, it was a LOT of reading and trial and error but once I got my head around it, the outcome is amazing! The ability to log into a site/app with my face/fingerprint is really neat. And the reaction I’ve had from people is all positive, everyone seems to hate passwords for different reasons. The ease of use (assuming the server end is implemented correctly) is really nice, and is a nice improvement over password managers UX-wise.
But, it’s not without issues. It’s an insanely complex process, even with libraries to help, the beauty of passwords is they’re insanely simple to implement for young folks learning to build apps and that isn’t going to go away. Because they require a backend and a frontend component, there isn’t going to be a one-size-fits-all library to drop in. That being said, I did painstakingly write a full OpenAPI specification so I could at least generate all the code necessary to build the entire flow! (let me know if that’s useful enough to share)
I implemented support for Passkeys and WebAuthn on a recent OSS project, it was a LOT of reading and trial and error but once I got my head around it, the outcome is amazing! The ability to log into a site/app with my face/fingerprint is really neat. And the reaction I’ve had from people is all positive, everyone seems to hate passwords for different reasons. The ease of use (assuming the server end is implemented correctly) is really nice, and is a nice improvement over password managers UX-wise.
But, it’s not without issues. It’s an insanely complex process, even with libraries to help, the beauty of passwords is they’re insanely simple to implement for young folks learning to build apps and that isn’t going to go away. Because they require a backend and a frontend component, there isn’t going to be a one-size-fits-all library to drop in. That being said, I did painstakingly write a full OpenAPI specification so I could at least generate all the code necessary to build the entire flow! (let me know if that’s useful enough to share)
RSA includes the name Adleman, not Adel.