| ▲ | djoldman 9 days ago | |
Relatedly with respect to passkeys, it seems we have the following tradeoff (simplified): 1. authentication via password: accounts stolen by criminals and then inaccessible to the user. 2. authentication via passkey: accounts lost by users because passkeys have friction, to say the least, when devices are lost/stolen/transferred. It seems that big providers would much rather scenario 2. | ||
| ▲ | anonymars 9 days ago | parent | next [-] | |
There's a saying, isn't there? Cryptography fundamentally reduces to a key management problem | ||
| ▲ | IshKebab 9 days ago | parent | prev [-] | |
Yeah probably because stolen accounts are more of a hassle for them than lost accounts. | ||