Re: [webauthn] Provide a method to get the count of the credentials of a rely party on client device on user permission (#2255) from Firstyear via GitHub on 2025-02-07 (public-webauthn@w3.org from February 2025)

From: Firstyear via GitHub <sysbot+gh@w3.org>
Date: Fri, 07 Feb 2025 04:19:17 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-2641912788-1738901955-sysbot+gh@w3.org>

> [@Firstyear](https://github.com/Firstyear) Hi, I use pure webauthn to let users register accounts on my site and try to find a way to limit the number of accounts a user can register. If authenticators have their GUIDs and provide them in the result of the create method, they can be identified on the server side, and then the goal can be achieved.

You can't achieve this with webauthn. There is no way to limit or track users based on the authenticator they register. 

You need to find other ways to limit account sign ups. 

-- 
GitHub Notification of comment by Firstyear
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2255#issuecomment-2641912788 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Friday, 7 February 2025 04:19:18 UTC