Fair enough!
Comment on MFA
LodeMike@lemmy.today 7 months agoNo they fucking won’t. You know that websites are going to be massive throbbing cocks about it.
"Due to security issues, passkeys for our service must be kept in <Company name>® Secure Passkey App™
warm@kbin.earth 7 months ago
suzune@ani.social 7 months ago
Passkeys are an open standard. You need to install a Webauthn-compliant supplicant that talks to the browser. The supplicant can be anything, as long as it does the required protocol. The browser doesn’t care.
At the moment the browsers are the main problem. They need to open their APIs properly.
LodeMike@lemmy.today 7 months ago
TOTP is an open standard but look at how bad companies have fucked that up.
jj4211@lemmy.world 7 months ago
Problem is part of the standard allows the server to require attestation. So congratulations, they only bless their app, or maybe they only bless iphones.
If the service ignores that, then yes, it’s great. It’s as yet unpopular so it’s hard to know, but in adjacent industries I have seen them lock down the to the point it’s as asinine as “open your app to continue”
SuperIce@lemmy.world 7 months ago
Not necessarily. I found out that bitwarden can generate a QR code that you just scan with your phone that allows your phone to act as a passkey, no browser support required. I was surprised when I discovered that. I had set up my phone as a passkey in Windows, and Windows can use phones as a passkey directly; on Linux that’s not supported so it just gave me a QR code that worked seamlessly. It’s not like a browser URL, but actually triggers the phone’s passkey authentication, kinda like QR codes for WiFi authentication. Pretty neat.
rickyrigatoni@lemm.ee 7 months ago
Please make your device unsecure to give your account the illusion of security.
baronvonj@lemmy.world 7 months ago
“Your device has been rooted and therefore cannot be supported.”
lemann@lemmy.dbzer0.com 7 months ago
Unironically this…
Passkeys don’t work on my rooted device - they seemingly set up correctly, but sites like GH claim your device passkey doesn’t exist when you try to actually login. When you go to the affected site’s account settings to add the device as a passkey again, an error of some kind claims the passkey already exists 🤷♂️
Deleting/re-adding has no effect. Using FF with device biometric passkey auth