Create icon / API for PWAs to enable password managers


#1

Something that PWAs lack (intentionally) is the browser chrome, at least once saved to homescreen.

That means when you need to login, you cannot ‘share’ the page to a password manager like the browser can, or lastpass/1password.

Apps can get around this by including it as part of their inputs, e.g:

The circular icon with a squiggle in the email field opens up your default password manager, which can then fill in the username/password fields. Without it you have to app-switch, which adds many steps to the process, and will reduce the numbers using PWAs.

Can an equivelent be created for chromeless browsers?


#2

I don’t think adding an icon to trigger this is a good idea. That’s putting the browser into altering the UX of the web application in question. I think it would be best if there was some method exposed for PWA’s launched directly for password manager’s and OSes to look for to know which domain it belongs to. That way, it’s behind the scenes and things “just work” like normal.


#3

Well, that is how most password managers work, e.g. Lastpass puts icons on the inside-right of each username/password input.

But anyway, I’m looking for a method of seamlessly using a password manager in a PWA, I’m not set on the specific example. Given that saved PWAs are essentially Chromeless, I think something would have to be added to the page?


#4

I understand that is what password managers do in browser extensions. But in the context of a PWA you aren’t working in a browser context. You’re working as a regular application. So, I think it would be best to explore methods of working with the native platforms which provide password management APIs already vs just throwing something into the design of an app.


#5

Do PWAs not work within a web view?

The way the native one works (in iOS) is with native code (Swift, Objective C), AFAIK that isn’t available to PWAs.

Presuambly there does need to be something provided by the native platform, but that something needs to work in a webview, no?


#6

PWA’s as far as I understand it aren’t necessarily tied to any web view implementation. They extend from the browser itself they are initiated with.

Android for example has the autofill framework to allow apps to autofill content within other apps. I think there should be a way for PWAs to take advantage of this kind of API in this context. If iOS doesn’t provide a comparable method at the OS level for this, then that is up to them to get figured out. They do have some form of a Password Autofill API using your Apple Keychain data. So that would probably be the same thing that gets triggered in this case.

Now the native APIs may need some work to make this achievable cleanly, but that’s something to push for over forcing an icon into text fields in my opinion.


#7

In iOS (tested with Twitter Lite) you have access to the Safari password manager. Yo do not have access to another password manager through the sharing dialog like in Safari.

I guess this is a limitation of Safari and not the Web standard. I think if you have a input field with type password then this is enough markup for a browser to know that it should show the password manager field.


#8

That’s a good point, my device is setup to use an external PW manager, so saving passwords in Safari is disabled - I get no options in Twitter lite.

But if type=password should be enough, then it’s a matter of raising bugs per platform… somehwere.