I'm Ideating on offering Scan QR Code to Login as a Service.<p>How it works?
1. Add your account to my authenticator app.
2. Whenever you need to sign-in, scan the QR code displayed on the website from my authenticator app.
3. Enter your device pin or use TouchId/FaceId and you will be logged in on the website.<p>My service will manage the generation of the QR codes, the authenticator app, etc. I also think 2FA will not be needed when using this as my authenticator app will check two factors -
1. If the request is being made from the device which the users posses.
2. The passcode/biometrics of the phone.<p>I think my service will be really useful for no-code/low code websites as well as websites which do not have a native mobile app. Please let me know what you think about this idea.<p>PS - I'm not sure if it's ok to post this on HN, please let me know if it's not ok and I'll take it down.
You should take a look at LoginID: <a href="https://loginid.io/" rel="nofollow">https://loginid.io/</a><p>The idea of using QR codes is interesting too. The downside of WebAuthn is that the credentials generated by Touch ID/Face ID are associated with a single device. If you want to log in from somewhere else, it doesn't work.<p>You could, however, use your QR code idea to have the user scan it from their enrolled device (e.g., phone) and then log them in.
Saas pass has a scan barcode login (with 2fa) option. You can configure any of the mfa methods you want from the developer api. Good luck with your venture.