View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
5482 | Composr | core | public | 2023-12-01 11:46 | 2024-07-25 21:38 |
Reporter | PDStig | Assigned To | Chris Graham | ||
Priority | normal | Severity | feature | ||
Status | closed | Resolution | duplicate | ||
Summary | 5482: Implement passkeys | ||||
Description | The era of using passwords is coming to an end as more and more people, through the FIDO organization, switch to a new authentication standard called "passkeys". Passkeys utilize public and private key pairs to authenticate users instead of passwords. When a member registers on a site, their device generates, stores, and locks down a private key for the website they are registering with. Their device also generates an accompanying public key which is sent to the server for storage. Then, when the user wishes to authenticate (providing their username), their request for authentication will be answered with an encrypted challenge (the challenge is encrypted by the server with the public key). The user's device then decrypts the challenge with the stored private key (after the user unlocks the private key via some other means such as a hardware device or biometrics). Once decrypted, the user's device will make a challenge response, encrypted with the private key, and send it to the server. The server will decrypt it with the public key and confirm its validity; the user is now logged in. Theoretically, passkey login will eliminate phishing attacks, MFA fatigue, and having to remember passwords. However, I am still unsure about the process of "recovering" a lost private key. Nonetheless, I think it is important we start considering its implementation into Composr CMS. For example, there are already open-source self-hosted solutions out there for running passkey authentication, such as https://github.com/teamhanko/hanko . | ||||
Tags | Roadmap: Over the horizon | ||||
Time estimation (hours) | |||||
Sponsorship open | |||||
Date Modified | Username | Field | Change |
---|---|---|---|
2023-12-01 11:46 | PDStig | New Issue | |
2023-12-10 16:13 | Chris Graham | Relationship added | related to 3581 |
2023-12-10 16:18 | PDStig | Tag Attached: Roadmap: v12 | |
2024-03-26 00:58 | PDStig | Tag Renamed | Roadmap: v12 => Roadmap: Over the horizon |
2024-07-25 21:38 | Chris Graham | Assigned To | => Chris Graham |
2024-07-25 21:38 | Chris Graham | Status | Not Assigned => Closed |
2024-07-25 21:38 | Chris Graham | Resolution | open => duplicate |
2024-07-25 21:38 | Chris Graham | Relationship replaced | duplicate of 3581 |
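
The login flow in the issue description, as an added example that is not part of the ticket and is not Composr or Hanko code. In WebAuthn, the standard behind passkeys, the device signs the server's random challenge and the server verifies that signature with the stored public key. The sketch below keeps that shape but uses a simplified JSON payload instead of the real WebAuthn encoding; all function names and the `example.test` origins are constructed for illustration.

```javascript
// Simplified passkey-style challenge-response using Node's built-in crypto.
// Assumption: JSON client data stands in for WebAuthn's real binary format.
const nodeCrypto = require('node:crypto');

// Registration: the device creates a key pair; only the public key is
// handed to the server. The private key never leaves the device.
function registerDevice() {
  const { publicKey, privateKey } =
    nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return { device: { privateKey }, storedPublicKey: publicKey };
}

// Server: issue a fresh random challenge for each login attempt.
function issueChallenge(session) {
  session.challenge = nodeCrypto.randomBytes(32).toString('hex');
  return session.challenge;
}

// Device: sign the challenge together with the origin the browser is
// actually on. The user unlock step (biometrics, PIN) is not modelled here.
function deviceSign(device, challenge, origin) {
  const clientData = JSON.stringify({ challenge, origin });
  const signature =
    nodeCrypto.sign('sha256', Buffer.from(clientData), device.privateKey);
  return { clientData, signature };
}

// Server: check challenge freshness, then origin, then the signature.
function verifyAssertion(session, storedPublicKey, expectedOrigin, assertion) {
  const expected = session.challenge;
  session.challenge = null; // single use: a replayed response finds nothing
  if (!expected) return 'no-challenge';
  let data;
  try {
    data = JSON.parse(assertion.clientData);
  } catch {
    return 'bad-client-data';
  }
  if (data.challenge !== expected) return 'challenge-mismatch';
  // A response produced on a look-alike site carries that site's origin.
  if (data.origin !== expectedOrigin) return 'origin-mismatch';
  const ok = nodeCrypto.verify('sha256', Buffer.from(assertion.clientData),
    storedPublicKey, assertion.signature);
  return ok ? 'ok' : 'bad-signature';
}
```

The origin check is what backs the phishing-resistance claim: a response signed on a look-alike domain is rejected even though the key and challenge are valid.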