undefined | Better HN

0 pointseadmund10mo ago0 comments

> Passkeys is the way to go.

No, please, not as long as attestation is in the spec. I firmly believe that passkeys are intended to facilitate vendor lock-in and reduce the autonomy of end users.

Frankly, I do not trust any passkey implementation as much as I trust a GPG-encrypted text file.

0 comments

2 comments · 2 top-level

timmyc12310mo ago

There is no credential manager attestation in the consumer synced passkey ecosystem. Period.

palata10mo ago

I use a FIDO2 security key, I fail to see how I am locked in. Can you elaborate?

j / k navigate · click thread line to collapse