[webauthn] Multiple Authenticator Options and Policies (#1601) from Anders Rundgren via GitHub on 2021-04-22 (public-webauthn@w3.org from April 2021)

From: Anders Rundgren via GitHub <sysbot+gh@w3.org>
Date: Thu, 22 Apr 2021 06:46:53 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-864601890-1619074012-sysbot+gh@w3.org>

cyberphone has just created a new issue for https://github.com/w3c/webauthn:

== Multiple Authenticator Options and Policies ==
When using Windows Hello with WebAuthn I get multiple options to authorize the login.  FingerPrint, PIN, and Password.

This appears to be platform specific and also having no relation to possible RP policies.

Although biometric authentication is great, there are legitimate use-cases where a password/PIN would be required like for people that are hospitalized and a relative or other proxy carries out their on-line banking activities.

For this to work satisfactory there should be an RP option forcing the user to create a password/PIN that also must conform to an RP policy ("1234" may not be satisfactory).

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1601 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 22 April 2021 06:46:58 UTC