Open Bug 1536482 Opened 5 years ago Updated 3 days ago

Web Authentication - Support macOS Touch ID


(Core :: DOM: Web Authentication, enhancement, P2)




Webcompat Priority P2


(Reporter: djc, Assigned: jschanck)


(Depends on 1 open bug)


(Keywords: parity-chrome, parity-safari, Whiteboard: [mac:integration])

I read about webauthn on Windows with biometrics today. I'm on a MacBook Pro with Touch ID, so I'm jealous now. Please consider implementing for macOS. lets you do this today. I agree, it'd be nicer to have it work with Firefox Sync.

Bug 1529973 is about having a soft token. Combining that with our platform-level Data-at-Rest support from Bug 1464828 gets us most of the way to what you're asking for.

This is a cool thing, but marking it P4 for now; we'll have to pick this up after CTAP2 and after making the soft token a real thing.

Depends on: 1464828, 1529973
Priority: -- → P4

There are a lot of developments on in the field of Web Authentication. iOS 13.3 wil start supporting FIDO2 roaming keys. Chrome supports platform authenticators on all desktop environments. Yet firefox only supports platform authenticators on Windows. Is the implementation for macOS that different from Windows? Can feature parity for Firefox on all desktop platforms be achieved anytime soon? Or should we not expect this within the year? In my opinion, Firefox supporting platform authenticators on all environments is a crucial step towards a passwordless future.

Note: This comment really should be on bug 1530370.

I'm currently hoping to work on WebAuthn implementation again in Q1 2020. I've had to take on other projects in 2019, particularly picking up maintainership of the NSS crypto library and some fun WebPKI stuff, but so far everything looks good for me to resume work bringing CTAP2 support to the other platforms in authenticator-rs [0] and do the rewrite of the Firefox-side needed to support that.

[0a] CTAP2 branch here with prototype Linux support:

I found out last week that actually Lockwise already supports TouchID authentication for extracting your passwords (that is, I get a TouchID dialog when I tap the Copy button for a password in my Lockwise store). I'm somewhat surprised that this already works but that WebAuthn still doesn't support TouchID today.

Looks like has been deprecated and they now recommend using Chrome or Safari :(

Keywords: parity-safari
Whiteboard: [mac:integration]

Context for above: I recommend(ed) adding parity-chrome as well, since I had working touchID support with our Duo for a couple years when using Chrome macOS.

Priority: P4 → P2
Severity: normal → S3
Webcompat Priority: --- → ?
Webcompat Priority: ? → P2

Hi everyone - it's great to see such interest in this feature. However, bugzilla is where we track our implementation work. It's not a place to discuss features and ask why they haven't shipped yet. We are working on WebAuthn (you can follow other bugs in this component), and we will update this bug when we make progress.

Assignee: nobody → jschanck
No longer depends on: 1529973
Depends on: 1821785
You need to log in before you can comment on or make changes to this bug.