|
|
|
|
|
|
by Dagonfly
182 days ago
|
|
|
Well it relates to this sentence: > You can use any credential manager you choose. Which I would be careful with. I can use any authenticator that the RP accepts. I could totally see a future where banks only allow certain authenticators (Apple/Google) and enforce this through AAGUID or even attStmt. Similar to the Google Play Protect situation. At that point, those banks/services would enforce vendor lock-in on me. The reality would be: I can use iOS or Android, but not a FOSS implementation. This restriction is not possible with old-school passwords. |
|
|