Thanks, this was very useful. Interested to see where the device public key extension ends up.
@tocube1
Жыл бұрын
it sounds cool but it reveals new attack surfaces! instead of phishing sites, you should now worry about your private key getting stolen off your phone/pc/etc. you always had your password in your mind and now it's always stored on your devices and is prone to hacking. what if a bug is found for the locking mechanism of your phone and you're an update behind? what if your phone is old and is not gonna get new updates at all? it's not just phones, it's all our other devices as well! you're literally suggesting us to save our password on our devices instead of memorizing them and having 2FA(not the SIM card one). I think the best option is still memorizing our main password and letting a password manager keep the rest while having 2FA app always enabled and backed up.
@pourquoippaass4284
Жыл бұрын
Yep, I'm not convinced either. We would go back from "something I know + something I own" to just "something I own". Feels like a stepback to me.
Пікірлер: 3