Loading...
 
Skip to main content

History: Passkey

View published page

Source of version: 9 (current)

Copy to clipboard
             # WebAuthn Authentication Support in Tiki using Passkeys

[https://gitlab.com/tikiwiki/tiki/-/merge_requests/6997|Introduced in Tiki 29.] 
Passkeys offer a modern, secure, and passwordless way to log into your Tiki site. Instead of remembering complex passwords, you can use your device’s built-in authentication—like fingerprint, face recognition, or a PIN—to sign in quickly and safely.

## What Are Passkeys?

Passkeys are a new type of login credential based on public key cryptography. They’re:

- **Phishing-resistant**: No secrets are shared with the server.
- **Easy to use**: Authenticate with biometrics or device PIN.
- **Cross-platform**: Sync across devices via services like iCloud or Google Password Manager.

## Why Use Passkeys in Tiki?

- Stronger security than traditional passwords.
- Faster login experience for users.
- No need to remember passwords or reset them.
- Works with major browsers and platforms (Chrome, Edge, Safari, Android, iOS, Windows, macOS).

## How to Enable Passkey (WebAuthn) in Tiki

**Note**: This feature is available in ((tiki29)) and above. 
Make sure your site uses HTTPS and is served from a secure domain.

- Go to Settings → Control Panels → Global Setup → Registration & Log in
- Enable Advanced features, the **Enable WebAuth** by checking it on.
- Save changes by clicking "**Apply**"


{img fileId="2207" stylebox="border: 1px solid #000" width="787"}

## How to Register a Passkey (User Steps)

- Log into your Tiki account the usual way.
- Go to System Menu → Webauthn
- Click Register Device


{img fileId="2208" stylebox="border: 1px solid #000" width="787"}

- Follow the prompts to register your device (you may be asked to use Face ID, fingerprint, or a PIN).
- Once d You can now log in using your passkey.

{img fileId="2209" stylebox="border: 1px solid #000" width="787"}

## Logging In with a Passkey

- Visit your Tiki login page.
- Input your Tiki user name, check **Webauth Login** and click **Log in**
- Choose your device or browser-stored credential.
- Authenticate using your device (biometrics or PIN).

{img fileId="2210" stylebox="border: 1px solid #000" width="787"}

## Compatibility

Passkeys work on:

- Browsers: Chrome, Safari, Edge, Firefox (latest versions)
- Platforms: Windows, macOS, Android, iOS
- Password managers: iCloud Keychain, Google Password Manager, 1Password, etc.

Note that some engines ports or browsers haven't implemented this feature yet, including WebKitGTK / WPE / Epiphany: https://gitlab.gnome.org/GNOME/epiphany/-/issues/1007 depends on https://bugs.webkit.org/show_bug.cgi?id=205350

## Related readings

- [https://dev.tiki.org/Passkey|Developper documentation]
- [https://arstechnica.com/security/2025/05/phishing-attacks-that-defeat-mfa-are-easier-than-ever-so-what-are-we-to-do/|Why MFA is getting easier to bypass and what to do about it]
- [https://www.theregister.com/2024/11/17/passkeys_passwords/|Will passkeys ever replace passwords? Can they?]
- [https://blog.google/inside-google/googlers/ask-a-techspert/how-passkeys-work/|How passkeys work

]