Gigi @Gigi - 2d
Thoughts on passkeys? #asknostr
sovereignmatt @sovereignmatt - 2d
I like
calvadev⚡️ @calvadev⚡️ - 2d
Anything with biometrics is a hard NO. You can be forced to turn over your biometric information with a warrant; not possible for passwords and PINs.
I can't zap you for some reason, so I'll have to thank you the old way. DHH quite on point, as he often is.
calvadev⚡️ @calvadev⚡️ - 1d
My main exposure to passkeys has been with my old iPhone, and it was always asking for my Face ID or fingerprint, so I've never even considered using them anywhere else. I've also always just assumed the physical devices like YubiKey relied on fingerprints, but I guess I've been mistaken on that... 😅
Gigi @Gigi - 1d
What stick do you use? Is it a full passkey, or just a physical 2FA key?
They rely on physical touch, but not fingerprints.
So you're using something like a Yubikey for 2FA, not a "full" passkey as supported by Google / Apple / 1Password etc? https://passkeys.directory/
I'm not sure I understand. Can you use a Bitbox as a passkey? https://fidoalliance.org/passkeys/
So I assume you only use one device and operating system?
You can't seem to extract the private keys (no matter where they are stored) so that's both good and bad I guess...
How do you deal with multiple devices / OS systems?
Good reflex. You're directionally right.
What's your rebuttal to the vendor lock-in concern?
Agree.
