#34896: First-party passkey support in django.auth
-------------------------------------+-------------------------------------
Reporter: e3b0c442 | Owner: nobody
Type: New | Status: new
feature |
Component: | Version: dev
contrib.auth | Keywords: passkey, passkeys,
Severity: Normal | webauthn
Triage Stage: | Has patch: 0
Unreviewed |
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 0
UI/UX: 0 |
-------------------------------------+-------------------------------------
Passkeys are quickly gaining traction as a more secure and user-friendly
alternative to usernames and passwords. It would be a great feature for
Django users and send a strong signal to the wider community if
`django.auth` and the supporting code and UI were updated to support
passkeys as a first-class alternative to usernames and passwords.
Items that would need to be updated (not exhaustive):
* User models would need to be updated to support multiple passkeys
* Authentication logic updated to support passkeys (WebAuthn relying party
implementation)
* Login UI updated to support choice of login with username/password or
passkey
I understand that all of this can (and likely has) been implemented as a
separate app/package, but again I feel it would be a great first-party
feature and send a strong message to the wider community of the superior
security and user-friendliness of asymmetric key cryptography over legacy
usernames/passwords.
--
Ticket URL: <https://code.djangoproject.com/ticket/34896>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/0107018b1c3e289d-e9f99ac5-454e-44fb-930a-69e9a28c1aa3-000000%40eu-central-1.amazonses.com.
