[lddemi]

Fun demo but who is this really for? Is there a requirement for these devices anywhere aside from corporate security?

[cmdli]

Personally, I prefer the "approval" process of YubiKey/U2F devices over having to enter a code, but I also dislike having to have a hardware device on me at all times. Also, with WebAuthN and passwordless login, YubiKeys are now able to be used to authenticate people, so I figure it would be nice to have a software solution for that.

Granted, this is still just a demo, so it's a long way off from something somebody would regularly use.

[dspillett]

> Fun demo but who is this really for?

Would being able to create virtual devices like this be more useful for testing authentication flows, compared to having physical test devices?

[convolvatron]

this might help w/ adoption. it would be _really nice_ to use FIDO, but I don't want to restrict my usability to people willing to carry a key around. as a compromise I think having a weaker key is better than having paths where pki is disabled

[altairprime]

This is primarily of use to people who want to disregard hardware authenticator requirements imposed by third parties without their consent.

[postalrat]

Jeez. That's almost as bad as requiring a password!