- From: Tim Cappalli via GitHub <sysbot+gh@w3.org>
- Date: Wed, 24 Apr 2024 18:42:52 +0000
- To: public-webauthn@w3.org
> The current paradigm creates a bad UX, because we have no way of knowing if a user has connected their current device to web auth, and so we either need to show them UI for both Create and Get paths, relying on their memory of what they have done, or we need to conditionally only show them the Get path if we "think" the user has connected their current device (based on some information passed to us from our backend), potentially causing the user to attempt web auth and fail if their connection has been destroyed for some reason. @AdamEisfeld this is what the autofill UI is designed for. If the user has a passkey on the device, it will appear in the autofill UI and user testing has shown that most users click it. If the user doesn't have a passkey on the device, they type in the email or username, and then you can initiate a creation flow, using the value from the form. passkeys.io is an example of this experience. -- GitHub Notification of comment by timcappalli Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2062#issuecomment-2075598921 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 24 April 2024 18:42:53 UTC