Curious to know why devs aren't implementing WebAuthn for their sign-up & login flow

I've always wondered why companies aren't investing in going passwordless and in particular implementing WebAuthn (https://webauthn.io/) into their websites? This is a way to allow users to log in with biometrics and could literally help replace passwords.

  1. 2

    WebAuthn works great on mobile devices because users have a security device built-in, their phone. On desktop, unless I’m missing something, people would need a security key like Yubikey. That’s a big paradigm shift for people and is probably the reason adoption hasn’t been so great.

    1. 1

      On desktop, yes, I can see how that could be a big problem.

      But given that so many of us use laptops that have TouchID or Windows Hello built in, thought that more devs would be taking a shot at it.

      Especially if it’s B2B, because companies usually hand out laptops that are fairly new & most of them have some sorta fingerprint reader on them.

  2. 2

    We use AWS Cognito which does support WebAuthn, but like anything else customers have to ask for it before we would turn it on. I don't think it's a popular enough feature for us to implement without a request.

    1. 2

      But I'd say, so many customers don't even know what WebAuthn is or if it even exists!
      So waiting for them to ask for something they don't even know about, will never happen. Almost feels like devs should take a gamble and implement it (for 3/4 months) and see what users think.

      Have you used WebAuthn.io? What were your thoughts on it as an end user?

    2. 1

      How did you find implementing it using the Cognito docs & sample code? Found docs on the topic in general to be very minimal and painful, and any attempt to do it from scratch using the W3C source docs (https://www.w3.org/TR/webauthn-2/) is a nightmare.

      And yeah, it does feel like enough people don't know about it to request it.

