First-party passkey support in django.auth

[Nick Meyer]

Passkeys are quickly gaining traction as a more secure and user-friendly alternative to usernames and passwords. It would be a great feature for Django users and send a strong signal to the wider community if django.auth and the supporting code and UI were updated to support passkeys as a first-class alternative to usernames and passwords.

Items that would need to be updated (not exhaustive):

• User models would need to be updated to support multiple passkeys
• Authentication logic updated to support passkeys (WebAuthn relying party implementation)
• Login UI updated to support choice of login with username/password or passkey

I understand that all of this can (and likely has) been implemented as a separate app/package, but again I feel it would be a great first-party feature and send a strong message to the wider community of the superior security and user-friendliness of asymmetric key cryptography over legacy usernames/passwords.

[Natalia Bidart]

Hello Nick, thanks for taking the time to file this ticket.

To request/propose a new feature for Django, the recommended path forward is to, first, propose and discuss the idea with the community and then gain consensus. To do that, please start a new conversation on the ​Django Forum, where you'll reach a wider audience and likely get richer feedback. For this proposal specifically, I see that there is a related forum post, so perhaps you could add to it?

​https://forum.djangoproject.com/t/django-auth-admin-and-passkeys/22181/2

I'll close the ticket for now following the ​triage docs, but we could eventually re-open if there is a community agreement for the feature request. For more details, please see ​the documented guidelines for requesting features.

Thanks!