undefined | Better HN

0 pointstialaramex5y ago0 comments

Again, other than AWS which "more sites"?

Dropbox, Facebook, Google, GitHub, GitLab, even Login.gov works fine with multiple tokens.

More sites should do WebAuthn (you should not do greenfield deployments of U2F today, WebAuthn is the standard). Yes, AWS should fix their feature but that shouldn't block the next ten would-be Unicorns from doing WebAuthn.

0 comments

3 comments · 1 top-level

dheera5y ago· 2 in thread

Twilio, Kraken, Paypal, Gusto, Bittrex, Coinbase, ...

tialaramexOP5y ago

But none of these support U2F or WebAuthn at all. The problem isn't that they need to support "multiple" tokens except in the sense that they don't support any at all.

dheera5y ago

They all support TOTP and some (such as Kraken) support U2F.

Point is whether it's U2F or Web'n'Auth or TOTP they need to support multiple keys.

1 more reply

j / k navigate · click thread line to collapse