Loading...
 
Skip to main content

History: Passkey

Source of version: 5

Copy to clipboard
            ! WebAuthn Authentication Support in Tiki using Passkeys
[https://gitlab.com/tikiwiki/tiki/-/merge_requests/6997|Introduced in Tiki 29.]
Passkeys offer a modern, secure, and passwordless way to log into your Tiki site. Instead of remembering complex passwords, you can use your device’s built-in authentication—like fingerprint, face recognition, or a PIN—to sign in quickly and safely.

!! What Are Passkeys?
Passkeys are a new type of login credential based on public key cryptography. They’re:
* __Phishing-resistant__: No secrets are shared with the server.
* __Easy to use__: Authenticate with biometrics or device PIN.
* __Cross-platform__: Sync across devices via services like iCloud or Google Password Manager.

!! Why Use Passkeys in Tiki?
* Stronger security than traditional passwords.
* Faster login experience for users.
* No need to remember passwords or reset them.
* Works with major browsers and platforms (Chrome, Edge, Safari, Android, iOS, Windows, macOS).

!! How to Enable Passkey (WebAuthn) in Tiki
__Note__: This feature is available in ((tiki29)) and above.
Make sure your site uses HTTPS and is served from a secure domain.

* Go to Settings → Control Panels → Global Setup → Registration & Log in
* Enable Advanced features, the __Enable WebAuth__ by checking it on.
* Save changes by clicking "__Apply__"

{img fileId="2207" stylebox="border: 1px solid #000" width="787"}

!! How to Register a Passkey (User Steps)
* Log into your Tiki account the usual way.
* Go to My Account → Security Settings
* Click Add a Passkey
* Follow the prompts to register your device (you may be asked to use Face ID, fingerprint, or a PIN).
* Done! You can now log in using your passkey.

!! Logging In with a Passkey
* Visit your Tiki login page.
* Click Sign in with Passkey
* Choose your device or browser-stored credential.
* Authenticate using your device (biometrics or PIN).
* You’re in!

!! Compatibility
Passkeys work on:
* Browsers: Chrome, Safari, Edge, Firefox (latest versions)
* Platforms: Windows, macOS, Android, iOS
* Password managers: iCloud Keychain, Google Password Manager, 1Password 

!! Related readings
* [https://dev.tiki.org/Passkey|Developper documentation] 
* [https://arstechnica.com/security/2025/05/phishing-attacks-that-defeat-mfa-are-easier-than-ever-so-what-are-we-to-do/|Why MFA is getting easier to bypass and what to do about it]
* [https://www.theregister.com/2024/11/17/passkeys_passwords/|Will passkeys ever replace passwords? Can they?]
* [https://blog.google/inside-google/googlers/ask-a-techspert/how-passkeys-work/|How passkeys work
]
        

History

Information Version
Marcellin Wabo 12
Marcellin Wabo 11
Marcellin Wabo Update passkey. Add "Managing multiple devices" and "What happens if devices is lost?" sections to documentation page. 10
Jeff Add a link to a short explanation video 9
Marcellin Wabo 8
Marcellin Wabo Add login attempt video 7
Marcellin Wabo Add gif animations to show how to register authenticators 6
Marcellin Wabo 5
Marcellin Wabo Add Gif image showing how to enable webauthn in Tiki 4
Marcellin Wabo Add a more link to related readings 3
Marcellin Wabo 2
Marcellin Wabo Create Passkey documentation page 1
Collapse/expand modules below