Rekeying the database should only be necessary to support a WebAuthn credential as the single factor (no username), though, right? If the user can supply a username when initiating the authentication ritual, won't it suffice to just add a new table/column/property to the database that links users to their credential IDs? And even with single factor login it seems wise to me to keep the credentialID->username registry separate from the username->userdata database, so even that should be doable without having to change an existing data model. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/issues/556#issuecomment-329755122 using your GitHub accountReceived on Friday, 15 September 2017 11:23:48 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:27 UTC