[jjnoakes]

I have over 500 online accounts. Imagine if all of them used a login method where I had to have backup devices registered, instead of just me backing up the credentials (like I do today with a password manager).

With backup devices, whenever I upgrade or replace a device, I need to go to each of the 500+ online accounts and register the new device. This is much more work than a quick login to each site via my password manager (which can happen on-demand, only as I need to use the services).

[stavros]

WebAuthn credentials can be backed up, if you want. They can also be impossible to back up (and thus steal), if you want. It's up to you, which is more than I can say about passwords.

[jml7c5]

Do you know of any implementations that allow this? I've been looking around and even Yubikeys can't do it.

[pabs3]

See the virtual-fido project I posted elsewhere in the thread.

[jml7c5]

Thank you!

[skybrian]

Yeah, this is why I connect unimportant accounts to Google or GitHub, and use two step auth only for the important ones.

[dickhardt]

I founded Hellō to solve this problem. A neutral service where you get to choose how to login, and how you can recover your Hellō Wallet. Done.

See Show HN post I wrote this morning https://news.ycombinator.com/item?id=33178285

[jml7c5]

I think you've pasted the wrong link.

[rohanharikr]

https://news.ycombinator.com/item?id=33177705

[dickhardt]

doh -- https://news.ycombinator.com/item?id=33177705