We have just released a new version of Internet Identity that streamlines the authentication process. It is now possible to login to any dapp with just a single click, as the authenticate and authorize authentication screens are now unified. This is what it looks like:
Check it out by logging into your favorite dapp. We hope you like this change and we would like to hear your opinion.
Thanks for the upgrade mate looks good, i would sleep better if you could you please also re-add the security pin for yubikey logon, there use to be a pin required after you push the button but currently all you need to do is physically touch the yubikey to gain access.
knew I noticed something different. Thanks a ton for this new update!
Thanks for the feedback. We are aware of this issue, but there is a little more complexity to it. See this explanation by @bjoern on why we currently do not ask for the PIN: Discourage user verification by Dfinity-Bjoern · Pull Request #311 · dfinity/internet-identity · GitHub.
As for the implementation of proper checking of authenticatorData, the most up to date resource is this topic: Internet Identity Roadmap Update, June 2022
The issue is called “FIDO2 User Verification”.
Great work guys. Would still be great to have a second yubi key option if the thumb print can not be replied upon as a login for backup devices on apple hardware.
Not sure what you mean by “second yubi key option”?
As far as I can see you can only add one security key for all your devices you add to your internet identity. If you loose your security key you have no backup apart from your seed phrase. Thumb prints login is not working properly on apple hardware as it can can deleted by osx by clearing your browser cache
You can add multiple Yubikeys already, there is no restriction on that. Each of the Yubikeys is then usable across all the devices (well, those with compatible connectors…).
I can not see that option, do you know where it is? Hmm under recovery mechanisims There is an option to add a recovery key, but only one. The only way for this to be multiple keys is that this recovery key is a different key to the one I use to login? The information is not clear.
Just go to the management page, sign in, click on “+ add new device” and choose “Local Device”. You can only add one Yubikey as a recovery key, but you can add multiple as authentication devices.
thanks, this is extremely confusing though, its not clear what is meant by “devices” and also how these differ from recovery mechanisms.
If a device can be a laptop or a security key these are not the same thing, so now I’m totally confused by what a device is?
I just added a new device which I think was a security key, but it could have been my laptop, the instructions don’t make it clear what is happening.
Saving a single click actually makes a huge difference in UX. Thanks for doing this!
Thanks for making things easier for us. Super cool
Very nice. It’s easy and convenient.I love this upgrade.
Are you considering removing the two screens I have to click through when I don’t have a recovery device setup, but multiple security keys where one of them acts like a backup? I’ve brought this up in the identity working group before
Yes, we have it on our backlog for smaller UX improvements.