Hoping Apple announce something in June. In the UK and North America iOS accounts for ~56% of mobile internet devices, Android accounts for 42%. Really hard for anyone to deploy this at scale until that changes.
2 Likes
I am slotting this for 2.4, very unlikely we will get it done for 2.3 but who knows.
15 Likes
News on this:
Firefox just enabled the older U2F registration method by default for the next release, due to historical raisins in Android. (WebAuthn was already enabled.)
https://groups.google.com/d/msg/mozilla.dev.platform/q5cj38hGTEA/1IKq9vSDAwAJ
4 Likes
I definitely like this for 2.4, seems like all major browsers are on board except iOS 
7 Likes
Is the plan to allow password-less login with webauthn or just second factor?
3 Likes
Ideally both, is what I am thinking.
7 Likes
Update: NFC-based webauthn has just landed in Firefox Beta for Android, if I understand it correctly.
3 Likes
2fa now has a dedicated settings screen:
4 Likes
Looking forward to U2F support, already using it in several other places.
One thing that I would like to discuss is how we will use webauthn in Discourse. Will it just be an alternative form of 2FA? Or will we be able to use it as an alternate form of login, like a social/mail login (in place of username/password)?
5 Likes
U2F is dead, long live webauthn
4 Likes