<p>Hi,</p>
<p>Almost half a year ago, I started a project called <a href="http://Passwordless.ID" class="autolinkedURL autolinkedURL-url" target="_blank">Passwordless.ID</a> which leverages the new <em>webauthn</em> protocol to offer passwordless authentication for everyone. The progress was slower than expected and it's now still "in development", but an early preview is available. See it in action in the following presentation (with audio please!):</p>
<div id="som-player" class="som-embed-player" data-id="c3XOXpVUp17"><iframe width="100%" height="540px" style="border:0" src="https://screencast-o-matic.com/player/c3XOXpVUp17?width=100%&amp;height=100%&amp;ff=1&amp;title=0&amp;share=1&amp;download=1&amp;embed=1"></iframe></div>

<p>In the long term, it's meant to be a free public identity provider.</p>
<p>You would have a "Sign in with <a href="http://Passwordless.ID" class="autolinkedURL autolinkedURL-url" target="_blank">Passwordless.ID</a>" button on your website to let users register and authenticate without passwords, very smoothly and more securely than with traditional password based alternatives. From a website/webapp perspective, you could simply invoke the URL <code>/openid/userinfo</code> to fetch the user info or <code>/openid/token</code> if you want a signed token to send to your API.</p>
<p>The result should be smoother for the user, easier for developers and more secure for everyone! Stay tuned.</p>


Hi,

Almost half a year ago, I started a project called Passwordless.ID which leverages the new *webauthn* protocol to offer passwordless authentication for everyone. The progress was slower than expected and it's now still "in development", but an early preview is available. See it in action in the following presentation (with audio please!):

<div id="som-player" class="som-embed-player" data-id="c3XOXpVUp17"><script src="https://screencast-o-matic.com/player/appearance/c3XOXpVUp17"></script><iframe width=100% height=540px style="border:0;" scrolling="no" src="https://screencast-o-matic.com/player/c3XOXpVUp17?width=100%&height=100%&ff=1&title=0&share=1&download=1&embed=1" allowfullscreen="true"></iframe></div>

In the long term, it's meant to be a free public identity provider.

You would have a "Sign in with Passwordless.ID" button on your website to let users register and authenticate without passwords, very smoothly and more securely than with traditional password based alternatives. From a website/webapp perspective, you could simply invoke the URL `/openid/userinfo` to fetch the user info or `/openid/token` if you want a signed token to send to your API.

The result should be smoother for the user, easier for developers and more secure for everyone! Stay tuned.

Passwordless.ID - Login with your fingerprint - Early preview video