re: A world without passwords VIEW POST

TOP OF THREAD FULL DISCUSSION
re: Thanks for the link though also kinda worrying at the same time as it seems like a big thing to leave to individual implementations. For example, A...

I understand your concern, but keep in mind big names are involved in delivering these features. Google, Microsoft, Yubico, Auth0, are just a few.

To give you an example, if you have a Yubikey, it works everywhere cross platform.

I'd be more thinking about how many public keys you'd have over time and what devices do to securely store those private keys 🤷‍♂️

Fido is working on a cross platform spec for BLE called caBLE to allow the credentials on your phone to be used with other devices like a Windows desktop. That is working now in beta on Android for Google accounts.

A external authenticator in combination with platform authenticators is probably the best option.

With passwordless the keypair is the only thing needed to get into the account making synchronising private keys across devices a very sensitive task.

Great post. Thanks.

code of conduct - report abuse