It would be highly beneficial to have a QR code system for Internet Identity, facilitating logins from different devices with confirmation via an already authorized device.
This would be particularly useful when logging in from a device lacking a Secure Element, for example, a work PC (that does not support SE). I could then easily authenticate my access using my mobile phone, which is equipped with a Secure Element.
If there are any security considerations that I’ve overlooked, I’d appreciate it if you could enlighten me.
Doesn’t this already work with passkeys and e.g. the device option in chrome? For example in chrome you can decide to use your phone instead of device biometrics. Also in safari you can use your iPhone if I remember correctly.
Keep in mind you might have to press cancel first when the browser biometric (WebAuthn) popup is shown and you want to use a device instead.
While I concede your point, not having conducted an empirical verification, the complexity appears to surpass the standard procedure of exhibiting a QR code at the login interface, a task efficiently completed via a mobile device scan.
This is reminiscent of common protocols employed when gaining access to crypto exchanges, discord, and the like.
Thank you, @Ajki! We are planning to introduce the flow that you proposed, and it is a relatively high priority on our roadmap. Thanks for the idea and contribution!
I appreciate it, I believe it will simplify the process of logging in using internet identity without the need to add additional trusted devices and/or use third-party tools.