My vote is for WebAuthn! With the built-in OS support it's ... • Aaron Parecki

87°F

Vika https://fireburn.ru/ • Dec 28
Great news - my frontend can do the onboarding procedure! It successfully uploads my h-card and posts a “first post” to the blog, so it won’t be empty.

For now I didn’t do authentication yet. I’m still thinking if I should do password+TOTP auth, just a password or a WebAuthn. Or maybe I could just use indieauth.com directly, but that needs at least one social profile in the h-card, which is not guaranteed right now.

My vote is for WebAuthn! With the built-in OS support it's definitely the easiest to use. The only trick will be enrolling multiple devices with it.

Portland, Oregon • 41°F

Sat, Dec 28, 2019 9:54am -08:00

1 reply
Have you written a response to this? Let me know the URL:
- Vika fireburn.ru
  
  With a use of cross-platform authenticators this should not be much of a problem. You use a YubiKey to log into your site and in the admin panel there would be a button that enrolls your platform authenticator too. I think I saw something like this in the spec’s GitHub issues, can’t remember where exactly.
  
  Sun, Dec 29, 2019 11:03am +03:00

Posted in /replies using monocle.p3k.io