Remix.run Logo
raxxorraxor 9 days ago

I like capability URLs. I know an URL isn't a secret, but it works in practice and it works well.

A bad practice is the shorten the code validity to a few minutes. This cannot really be justified and puts users under stress, which lessens security.

The discussion around passkeys, who is and isn't allowed to store them, almost killed them for me personally. I use them for very, very few services and I don't want to extend it.