|
|
|
|
|
|
by sebk
1217 days ago
|
|
|
> But also the pro is that if you lose access to your sync fabric X (security breach, account closure), you can still use sync fabric Y. It's like backup fido2 tokens. This is forced. I'd rather decide to do that myself depending on what my risk tolerance is. The charter of the WebAuthn working group is to provide a phishing resistant authentication mechanism, not an account-closure resistant mechanism. > I think the security benefit of passkeys outweigh the small vendor lock-in they might create. Absolutely, but we shouldn't have to choose! I'm not so sure the Big 3's desire for you to use their systems outweigh their desire for you not to get phished (since it also carries a cost for them), so I believe they at least have some incentive to play nice. |
|
|