Changing the definition of Reauthentication #22

maxhata · 2020-11-01T07:24:27Z

The current definition is a little confusing. So proposing a new text to tighten the definition.

eldanb · 2021-10-11T14:51:19Z

HowToFIDO.md

@@ -16,8 +16,7 @@ _Employing FIDO authenticators and the WebAuthn API in your sign-in flows: A gui
     Note that this is *different* from creating an account with a
     service in the first place.

-  **Reauthentication** happens when a relying party already knows
-     who the user is, but would like to reconfirm this. For example,
+-  **Reauthentication** is a generic term widely used for reconfirming authentication of the user when the user is already known or authenticated. For example,
     this happens before making sensitive changes to an account (add a


Note that section 3 says "
Reauthentication might happen for the following reasons:

The user signed out and now wants to sign in again.

... "

If the user is signed out and now wants to sign in again, the user is not already authenticated...?

Changing the definition of Reauthentication

db69086

maxhata mentioned this pull request Nov 2, 2020

Definition of reauthentication #1

Open

eldanb reviewed Oct 11, 2021

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Changing the definition of Reauthentication #22

Changing the definition of Reauthentication #22

maxhata commented Nov 1, 2020 •

edited

Loading

eldanb Oct 11, 2021

Changing the definition of Reauthentication #22

Are you sure you want to change the base?

Changing the definition of Reauthentication #22

Conversation

maxhata commented Nov 1, 2020 • edited Loading

eldanb Oct 11, 2021

Choose a reason for hiding this comment

maxhata commented Nov 1, 2020 •

edited

Loading