SQRL invented the anti-phishing public key cryptography based approach to website authentication many years ago. It was a beautiful spec of one page with multiple grassroots implementations.
Then the...
Ah, well that’s the trick: you don’t lose your key if you lose your phone. At least, not with the major players’ implementations. It syncs “with the cloud”, and you can simply buy a new device and auth with the same account to recover it.
Yep. Simple password/secrets management. Password Manager in google, keychain in Apple…
And so here we see a hint of the end game: they control your logins to every account you use the passkey on.
Power concentrates.
Fuck that.
The answer is to get a couple of yubikeys. Take 5 minutes to learn it.
Yep. Simple password/secrets management. Password Manager in google, keychain in Apple…
And so here we see a hint of the end game: they control your logins to every account you use the passkey on.
Power concentrates.
Fuck that.
The answer is to get a couple of yubikeys. Take 5 minutes to learn it.
1❤️4
