top | item 45754288

(no title)

m-p-3 | 4 months ago

> But no they have to live in their secured enclave or on a dongle so that you can't copy them between devices because nothing ever happened to a device.

I'm actually fine with this. It's like how SSH private keys are supposed to be handled: generated on the device, and never supposed to leave it.

The proper way of doing Passkeys is to have several Passkeys enrolled in your account, so that you always have a trusted device to access your services. Now, if the service doesn't allow multiple Passkeys per account that IS a problem.

discuss

No comments yet.