- From: Arian van Putten via GitHub <sysbot+gh@w3.org>
- Date: Tue, 26 Sep 2023 08:18:45 +0000
- To: public-webauthn@w3.org
arianvp has just created a new issue for https://github.com/w3c/webauthn: == Provide a way for Web Extensions to hook into browser's Passkey autofill UI == ## Description Password Managers are rolling out Passkey support and they're doing this by monkey-patching `navigator.credentials.get` . This is leading to _a lot_ of confusion with users as suddenly native Passkey autofill (conditional mediation) breaks and instead a non-native pop-up opens when the website loads. <img width="1171" alt="image" src="https://github.com/w3c/webauthn/assets/628387/1c6888b7-44a8-4f84-a6e5-4e611d952dc2"> This breaks all the nice usability features of Passkeys. I have a lot of complaints of colleagues (As we're both using 1Password _and_ Passkeys) that they can not log in anymore and I need to explain them to instead of expecting the nice Autofill flow from Safari they need to click the little "Security Key" icon in the 1Password popup. The problem is that I don't think 1Password can do any better within the constraints of the current API. And we need to provide them with the tools to build a nicer integration. ## Solution Web Extensions should not be forced to monkey-patch `navigator.credentials.get` and break native autofill behaviour. Instead they should be provided with hooks to augment the autofill UI and add their own entries in the list. ## Other options Disable Password Manager. ## Related Links ## Notes Perhaps this discussion should be made in the Web-Extensions group. But given people here are domain experts about how the browsers are built I think discussion here is useful. We could then make a proposal for an API to the WebExtensions WG Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1976 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 26 September 2023 08:18:47 UTC