Toots for agektmr@infosec.exchange account

Written by Eiji Kitamura / えーじ :verified: on 2025-01-29 at 00:45

WebAuthn getClientCapabilies() is available on Chrome from 133. Use this API to detect the browser and the device's capabilities.

https://developer.chrome.com/blog/passkeys-client-capabilities

=> More informations about this toot | View the thread

Written by Eiji Kitamura / えーじ :verified: on 2025-01-16 at 13:24

Passkeys on Google Password Manager are now available on iOS and iPadOS.

Chrome on iOS 17 or later now supports creating and saving passkeys directly to Google Password Manager, ensuring they synchronize seamlessly with other platforms linked to the same Google Account. This change means Chrome with the same signed-in profile can synchronize passkeys on the Google Password Manager across all platforms and devices.

To use passkeys on Google Password Manager on iOS 17 or later, set Chrome as an autofill provider in Settings.

Learn more: https://developer.chrome.com/blog/passkeys-gpm-ios

=> View attached media

=> More informations about this toot | View the thread

Written by Eiji Kitamura / えーじ :verified: on 2024-11-13 at 12:11

Keeping passkeys consistent between the password manager and the server is a key for great sign-in experience. For example, if a user deletes a credential on the server, an attempt to sign in with the associated passkey will fail and the user will have no clue what's going on.

Websites can solve this problem with Signal API. It can signal information about passkeys so that the password managers can keep them consistent with the server.

Chrome desktop and Google Password Manager start to support Signal API from 132 which is currently in beta. Chrome on Android will support it later.

Learn more: https://developer.chrome.com/blog/passkeys-signal-api

=> View attached media

=> More informations about this toot | View the thread

Written by Eiji Kitamura / えーじ :verified: on 2024-10-26 at 04:30

This is so funny

https://youtu.be/eGv5D4sBFbE

=> More informations about this toot | View the thread

Written by Eiji Kitamura / えーじ :verified: on 2024-10-22 at 06:10

A new #passkeys case study: Tokyu — a Japanese railway company achieved 12 times faster sign-in compared to email-based two-factor authentication. Imagine you have to handle 2FA when you are in hurry. People love passkeys for its simple and quick way to sign in.

https://web.dev/case-studies/tokyu-passkeys

=> View attached media

=> More informations about this toot | View the thread

Written by Eiji Kitamura / えーじ :verified: on 2024-09-25 at 13:10

Chrome on desktop will soon be able to create passkeys in Google Password Manager and synchronize them across platforms (except iOS which will follow).

Previously, passkeys created on Chrome on Android were saved to Google Password Manager and synced between Android devices. Passkeys created on Chrome on macOS were saved to iCloud Keychain and synced between Apple devices. Passkeys created on Chrome on Windows were saved locally to Windows Hello. On Linux and ChromeOS, it was not even possible to create a passkey. This has been causing confusion among passkey users.

With this change (still rolling out), passkeys on most platforms can be saved to Google Password Manager and synced between them. With the upcoming iOS/iPadOS support, Google Password Manager will be able to sync passkeys between all major platforms. We expect this will improve the passkey user experience significantly.

Learn more:

https://developer.chrome.com/blog/passkeys-gpm-desktop

=> More informations about this toot | View the thread

Written by Eiji Kitamura / えーじ :verified: on 2024-09-05 at 09:26

So the issue on elk.zone turned out likely to reside both on the website and Chrome. Hopefully it will be fixed soon.

https://github.com/elk-zone/elk/issues/2935

=> More informations about this toot | View the thread

Written by Eiji Kitamura / えーじ :verified: on 2024-09-04 at 08:08

Digital Credentials API is a new web platform API that allows websites to selectively request verifiable information about the user through digital credentials such as a driver's license or a national identification card stored in a digital wallet.

Learn more and sign up for an origin trial:

https://developer.chrome.com/blog/digital-credentials-api-origin-trial

=> View attached media

=> More informations about this toot | View the thread

Written by Eiji Kitamura / えーじ :verified: on 2024-08-30 at 15:37

Some new #passkey capabilities are being added to #Chrome after a careful standardization work by the community.

• Hints: allow you to control #authentication UI, especially when you want to focus on security key or cross-device authentication.

• Related origin requests: allow passkeys to work on related but different origins.

• JSON serialization: simplifies your #JavaScript code with binary encoding and decoding.

Learn more on the blog post:

https://developer.chrome.com/blog/passkeys-updates-chrome-129

=> View attached media

=> More informations about this toot | View the thread

Written by Eiji Kitamura / えーじ :verified: on 2024-08-28 at 09:51

elk.zone seems is broken for me. It shows an empty screen except for the logo at the top left corner. Am I the only one?

=> View attached media

=> More informations about this toot | View the thread

=> This profile with reblog | Go to agektmr@infosec.exchange account