Re: [webauthn] Allow immediate mediation (#2228)

> > I think it would be OK to load a sign-in page behind the modal that comes up when a user clicks “Sign In”. I think in some testing that Google did in the past, having sign-in related content behind browser UI actually improved sign-in success rates.
> 
> Thanks for expanding on the idea of what immediate mediation might look like without leaking whether a user has a credential for the site. But the thought came to mind that this could probably also be achieved today by simply having the Sign In button take the user to `/signin` and then call `.get()` on page load. Which, if true, could obviate the need for immediate mediation...

It doesn’t! Because you’ll still get Hybrid’d. The goal is to only show credentials that are local, and then have a “Passkey” button on the page that will make a full request, including Hybrid.

-- 
GitHub Notification of comment by rmondello
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2228#issuecomment-3444321736 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Friday, 24 October 2025 18:10:35 UTC
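
The two entry points described in the reply above, sketched in JavaScript as an added example; it is not part of the original message, the issue, or the WebAuthn specification. It assumes the mode is requested with `mediation: "immediate"` and that `get()` rejects with `NotAllowedError` both when no local credential exists and when the user dismisses the UI. `signInImmediate`, `signInWithPasskeyButton`, `fakeContainer`, `demo` and the sample request are hypothetical names and constructed values.

```javascript
// Added example, not from the thread. ASSUMPTIONS: the mode is requested with
// mediation: "immediate", and get() rejects with NotAllowedError both when no
// local credential exists and when the user dismisses the browser UI.

// "Sign In" click: ask only for credentials available on this device.
async function signInImmediate(publicKey, showSignInPage,
                               container = globalThis.navigator?.credentials) {
  try {
    const credential = await container.get({ publicKey, mediation: "immediate" });
    return { outcome: "credential", credential };
  } catch (err) {
    if (err?.name !== "NotAllowedError") throw err; // misconfiguration: surface it
    // One fallback for "nothing local" and "dismissed": this code path
    // does not depend on which of the two happened.
    showSignInPage();
    return { outcome: "sign-in-page" };
  }
}

// "Passkey" button on the sign-in page: full request, Hybrid included.
function signInWithPasskeyButton(publicKey,
                                 container = globalThis.navigator?.credentials) {
  return container.get({ publicKey }); // no mediation hint: full browser UI
}

// Constructed stand-in for navigator.credentials so the flow runs in Node.
function fakeContainer(hasLocalCredential) {
  const calls = [];
  return {
    calls,
    async get(options) {
      calls.push(options.mediation ?? "default");
      if (options.mediation === "immediate" && !hasLocalCredential) {
        throw Object.assign(new Error("no local credential"), { name: "NotAllowedError" });
      }
      return { id: "constructed-credential-id", type: "public-key" };
    },
  };
}

// Constructed request; a real challenge is fresh random bytes from the server.
const samplePublicKey = { challenge: new Uint8Array(32), rpId: "example.com" };

async function demo() {
  const device = fakeContainer(false); // device with no local credential
  let pageShown = false;
  const first = await signInImmediate(samplePublicKey, () => { pageShown = true; }, device);
  const second = await signInWithPasskeyButton(samplePublicKey, device);
  return { first: first.outcome, pageShown, second: second.type, calls: device.calls };
}
```

In a browser, omit the third argument so both functions use `navigator.credentials`.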