Curious to know why aren't devs implementing WebAuthn for their sign-up & login flow

I'v always wondered why companies aren't investing in going passwordless and in particular implementing WebAuthn(https://webauthn.io/) into their websites? This is a way to allow users to login with bio-metrics and could literally help replace passwords.

  1. 2

    WebAuthN works great on mobile devices because users have a security device built-in, their phone. On desktop, unless I’m missing something, people would need a security key like Yubikey. That’s a big paradigm shift for people and is probably the reason adoption hasn’t been so great.

    1. 1

      On desktop, yes, I can see how that could be a big problem.

      But given that so many of us use laptops that have TouchID or Windows Hello built in, thought that more devs would be taking a shot at it.

      Especially, if it’s it’s B2B because companies usually hand out laptops that are fairly new & most of them have some sorta finger print reader on it

  2. 2

    We use AWS Cognito which does support WebAuthn


    but like anything else customers have to ask for it before we would turn it on. I don't think it's a popular enough feature for us to implement without a request.

    1. 2

      But I'd say, so many customers don't even know what WebAuthn is or if it even exists!
      So waiting for them to ask for something they don't even know about, will never happen. Almost feels like devs should take a gamble and implement it (for 3/4 months) and see what users think.

      Have you used WebAuthn.io? what were your thoughts on it as an end user?

    2. 1

      How did you find it was to implement it using the cognito docs & sample code? Found in general docs on the topic in general to be very minimal and painful and any attempt to do it from scratch using the W3C source docs (https://www.w3.org/TR/webauthn-2/) is a nightmare.

      And yeah, it does feel like enough people don't know about it to request it.

Trending on Indie Hackers
I redesigned my landing page to something completely unconventional/unprofessional 19 comments How we automatically provision SSL for SaaS customers with custom domains 12 comments Breaking down one of the most successful ecommerce SEO strategies (IKEA) 12 comments 44 products by bootstrapped startup founders you can use 12 comments On productized services, a crappy logo, and a shift in perspective that changed everything: Jaclyn Schiff's story 10 comments New vlog: Bought my dream car after 10 years of hard work in entrepreneurship! 5 comments