Loading...
 
Skip to main content

History: Passkey

View published page

Source of version: 8 (current)

Copy to clipboard
            ! WebAuthn Authentication Support in Tiki using Passkeys
[https://gitlab.com/tikiwiki/tiki/-/merge_requests/6997|Introduced in Tiki 29.]
Passkeys offer a modern, secure, and passwordless way to log into your Tiki site. Instead of remembering complex passwords, you can use your device’s built-in authentication—like fingerprint, face recognition, or a PIN—to sign in quickly and safely.

!! What Are Passkeys?
Passkeys are a new type of login credential based on public key cryptography. They’re:
* __Phishing-resistant__: No secrets are shared with the server.
* __Easy to use__: Authenticate with biometrics or device PIN.
* __Cross-platform__: Sync across devices via services like iCloud or Google Password Manager.

!! Why Use Passkeys in Tiki?
* Stronger security than traditional passwords.
* Faster login experience for users.
* No need to remember passwords or reset them.
* Works with major browsers and platforms (Chrome, Edge, Safari, Android, iOS, Windows, macOS).

!! How to Enable Passkey (WebAuthn) in Tiki
__Note__: This feature is available in ((tiki29)) and above.
Make sure your site uses HTTPS and is served from a secure domain.

* Go to Settings → Control Panels → Global Setup → Registration & Log in
* Enable Advanced features, the __Enable WebAuth__ by checking it on.
* Save changes by clicking "__Apply__"

{img fileId="2207" stylebox="border: 1px solid #000" width="787"}

!! How to Register a Passkey (User Steps)
* Log into your Tiki account the usual way.
* Go to System Menu → Webauthn
* Click Register Device

{img fileId="2208" stylebox="border: 1px solid #000" width="787"}

* Follow the prompts to register your device (you may be asked to use Face ID, fingerprint, or a PIN).
* Once d You can now log in using your passkey.
{img fileId="2209" stylebox="border: 1px solid #000" width="787"}

!! Logging In with a Passkey
* Visit your Tiki login page.
* Input your Tiki user name, check __Webauth Login__ and click __Log in__ 
* Choose your device or browser-stored credential.
* Authenticate using your device (biometrics or PIN).
{img fileId="2210" stylebox="border: 1px solid #000" width="787"}

!! Compatibility
Passkeys work on:
* Browsers: Chrome, Safari, Edge, Firefox (latest versions)
* Platforms: Windows, macOS, Android, iOS
* Password managers: iCloud Keychain, Google Password Manager, 1Password, etc.
Note that some engines ports or browsers haven't implemented this feature yet, including WebKitGTK / WPE / Epiphany: https://gitlab.gnome.org/GNOME/epiphany/-/issues/1007 depends on https://bugs.webkit.org/show_bug.cgi?id=205350

!! Related readings
* [https://dev.tiki.org/Passkey|Developper documentation] 
* [https://arstechnica.com/security/2025/05/phishing-attacks-that-defeat-mfa-are-easier-than-ever-so-what-are-we-to-do/|Why MFA is getting easier to bypass and what to do about it]
* [https://www.theregister.com/2024/11/17/passkeys_passwords/|Will passkeys ever replace passwords? Can they?]
* [https://blog.google/inside-google/googlers/ask-a-techspert/how-passkeys-work/|How passkeys work
]