NEW 271747
webauthn autofill no longer prefers passkeys 
https://bugs.webkit.org/show_bug.cgi?id=271747
Summary webauthn autofill no longer prefers passkeys
James Manger
Reported 2024-03-26 23:52:01 PDT
A sign-in process that supports passkey and username+password options will often start with a form with a username field that has autocomplete="username webauthn" and a webauthn sign-in started with conditional-mediation. The user will often have a password saved for the site (in the iOS and/or Chrome password manager). Users with a passkey will also have that in their password manager. iOS used to offer a great user experience (on iOS 17.3 with Chrome or Safari). Safari and Chrome would offer passkey as the first choice. Tap the username field; tap your offered passkey; Face ID; and you are signed-in. Now the experience has been broken in many circumstances. Chrome will offer the saved password, not the passkey. The key icon beside the offered password option brings up a list with passwords and passkeys; however selecting the passkey does not work -- it autofills username+password, but does not perform a passkey sign-in. Safari will sometimes offer the passkey and sometimes a password. The key icon beside the offered password option brings up a list with passwords and passkeys; however selecting the passkey does not work -- it autofills username+password, but does not perform a passkey sign-in. The option to sign-in with a cross-platform passkey is no longer available. It is no longer clear how or if a website can trigger a great user experience that supports a customer base with mix of passkeys, passwords, and both.
Attachments
Add attachment proposed patch, testcase, etc.
James Manger
Comment 1 2024-03-26 23:54:55 PDT
Also noted on a FIDO Alliance public forum: Passkey autofill stopped working on iOS 17.4 ASWebAuthenticationSession. https://groups.google.com/a/fidoalliance.org/g/fido-dev/c/JuEW2uT_83Q
Radar WebKit Bug Importer
Comment 2 2024-04-02 23:52:12 PDT
<rdar://problem/125831008>
wring_thrower.0a
Comment 3 2024-04-18 17:06:47 PDT
+1 this behavior severely impacts the end to end flow for passkey adoption on web/webview.
small.koala
Comment 4 2024-04-23 16:41:27 PDT
Still occurring in the latest iOS17.5 beta 3 released today.
Yuriy Ackermann
Comment 5 2024-05-20 12:34:31 PDT
Still occurring in the latest iOS17.5.
Yuriy Ackermann
Comment 6 2024-05-20 12:53:03 PDT
Still occurring in the latest iOS17.5.1 beta.
Yuriy Ackermann
Comment 7 2024-05-20 13:23:48 PDT
After additional exploration, I found that only iCloud passkeys don't work. If you are using alternative passkey/password providers such as Dashlane, it works fine, so maybe iCloud Keychain issues?
Note You need to log in before you can comment on or make changes to this bug.