
whyagaintango | 2 days ago

It is a conundrum that passkeys were designed to help the majority, as they are frictionless (like password managers etc.), but fail in reality.

Even those that have 2 devices don't have them all the time.

Another overlooked issue is that some banks etc. don't allow 2 devices for login or 2FA. Even if it is allowed, one needs to keep the spare device always updated. Either the Govt needs to build a common API that one can use directly through Google Pay or Apple Pay - so that only one app needs to be kept up to date.

To be honest, I wouldn't mind if Google/Apple can take all my private data and passkeys and hold them - but at least then if I lose the phone and I show my ID, they should allow me to set up my new phone. But that is also not possible. (I am discounting the awful AI bans.)

lxgr|1 day ago

You're thinking about hardware authenticators, not Passkeys. Passkeys are definitionally synchronized and backed up in the cloud (otherwise you just have a sparkling WebAuthn authenticator).

Proprietary clouds and sync backends create their own set of problems, but they do solve the availability issue of always having to register at least two different security keys with each service.

> To be honest, I wouldn't mind if Google/Apple can take all my private data and passkeys and hold them

That's exactly what you can do today!

> I show my ID, they should allow me to set up my new phone.

You have to show them your phone number, which for better or worse is our age's "showing ID", but then you can indeed get back in.

faust201|14 hours ago

> have to show them your phone number,

Not always working. You can often see in Google community support people who lost their phone. They get a new SIM card and phone. Google sends the 2FA request to the old phone - without that they cannot restore data.

Double whammy for people that use eSIM that gets sent to their old email address.