palata 9 days ago

Are you saying that it's not always possible to import/export passkeys because you can manage them with some program that doesn't allow it, but the same is not true for passkeys?

Counter-example: I can write a password manager that will not allow you to export/import passwords.

valenterry 8 days ago

No, that's not what I meant.

There are cases where bitwarden doesn't work but chrome for example does. Easy to Google up.

For passwords however, I never heard of a case where a website only accepts passwords from a specific password manager - and how could they even do that right?

palata 8 days ago

I don't think your reasoning holds. You say "I know situations where one passkey client works with some websites and not others, but I don't know situations where a website works with some clients and not others".

If the website accepts a password, then it can't prevent you from using the password manager you want. But if the website accepts FIDO2 passkeys, it's the same thing, isn't it?

valenterry 8 days ago

> but I don't know situations where a website works with some clients and not others

For example: https://www.w3.org/TR/webauthn-2/#dictdef-authenticatorselec...

> If the website accepts a password, then it can't prevent you from using the password manager you want. But if the website accepts FIDO2 passkeys, it's the same thing, isn't it?

Unfortunately not...
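As an added illustration of the point made in this reply (this is example code written for this page, not from the thread or from any WebAuthn library): a relying party that sends `authenticatorSelection` in `navigator.credentials.create()` can check, server-side, whether the authenticator actually honoured it by parsing the authenticator data returned at registration. The flag-bit and field layout below follow the WebAuthn specification; the policy object, the AAGUID allow-list (which in practice requires verifying attestation, skipped here) and the sample byte strings are constructed for the example.

```javascript
// Layout of WebAuthn authenticator data (per the spec):
//   rpIdHash (32 bytes) | flags (1 byte) | signCount (4 bytes, big-endian)
//   | attestedCredentialData, present only when the AT flag is set:
//       aaguid (16 bytes) | credentialIdLength (2 bytes) | credentialId | COSE key ...
const FLAG = { UP: 0x01, UV: 0x04, BE: 0x08, BS: 0x10, AT: 0x40, ED: 0x80 };

function bytesToHex(b) {
  return Array.from(b, (x) => x.toString(16).padStart(2, "0")).join("");
}

// Parse the fields a relying party policy needs; throws on truncated input.
function parseAuthenticatorData(bytes) {
  if (bytes.length < 37) throw new Error("authenticator data too short");
  const flags = bytes[32];
  const signCount =
    ((bytes[33] << 24) | (bytes[34] << 16) | (bytes[35] << 8) | bytes[36]) >>> 0;
  const out = {
    rpIdHash: bytesToHex(bytes.slice(0, 32)),
    userPresent: !!(flags & FLAG.UP),
    userVerified: !!(flags & FLAG.UV),
    backupEligible: !!(flags & FLAG.BE), // credential can be synced to other devices
    backedUp: !!(flags & FLAG.BS),
    signCount,
    aaguid: null,
    credentialIdLength: null,
  };
  if (flags & FLAG.AT) {
    if (bytes.length < 55) throw new Error("attested credential data truncated");
    out.aaguid = bytesToHex(bytes.slice(37, 53));
    out.credentialIdLength = (bytes[53] << 8) | bytes[54];
  }
  return out;
}

// Hypothetical relying-party policy object. userVerification mirrors the value the
// RP sent in authenticatorSelection; allowedAaguids and rejectBackupEligible are
// extra choices an RP can make that end up excluding whole classes of authenticators.
function evaluateRegistration(authData, policy) {
  const reasons = [];
  if (!authData.userPresent) reasons.push("user presence flag not set");
  if (policy.userVerification === "required" && !authData.userVerified)
    reasons.push("userVerification=required but UV flag is clear");
  if (policy.allowedAaguids &&
      (!authData.aaguid || !policy.allowedAaguids.includes(authData.aaguid)))
    reasons.push("authenticator model (AAGUID) not on the allow-list");
  if (policy.rejectBackupEligible && authData.backupEligible)
    reasons.push("backup-eligible (synced) credential rejected by policy");
  return { accepted: reasons.length === 0, reasons };
}

// Constructed sample authenticator data (not real authenticator output).
function buildSampleAuthData(flags, aaguidByte) {
  const hasAt = (flags & FLAG.AT) !== 0;
  const out = new Uint8Array(37 + (hasAt ? 16 + 2 + 4 : 0));
  out.fill(0xab, 0, 32); // placeholder rpIdHash
  out[32] = flags;
  out[36] = 5; // signCount = 5
  if (hasAt) {
    out.fill(aaguidByte, 37, 53); // placeholder AAGUID
    out[53] = 0; out[54] = 4;     // credentialIdLength = 4, followed by 4 id bytes
  }
  return out;
}

const SAMPLE_HARDWARE = buildSampleAuthData(FLAG.UP | FLAG.UV | FLAG.AT, 0x11);
const SAMPLE_SYNCED = buildSampleAuthData(
  FLAG.UP | FLAG.UV | FLAG.BE | FLAG.BS | FLAG.AT, 0x22);

const STRICT_POLICY = {
  userVerification: "required",
  rejectBackupEligible: true,
  allowedAaguids: ["11".repeat(16)],
};
const LENIENT_POLICY = { userVerification: "preferred" };

function demo() {
  return {
    hardwareStrict: evaluateRegistration(parseAuthenticatorData(SAMPLE_HARDWARE), STRICT_POLICY),
    syncedStrict: evaluateRegistration(parseAuthenticatorData(SAMPLE_SYNCED), STRICT_POLICY),
    syncedLenient: evaluateRegistration(parseAuthenticatorData(SAMPLE_SYNCED), LENIENT_POLICY),
  };
}
```

Running `demo()` shows the asymmetry the reply is pointing at: the same user, same browser and same site can end up with one credential accepted and another rejected purely because of which authenticator produced it, something a site has no equivalent lever for with a plain password field.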

palata 7 days ago

> For example: [...]

Those sound like requirements similar to those that can be enforced with passwords. My company enforces an SSO system with an MFA scheme that is controlled by the IT department. I can use my password manager for the password part, but I must use the mandatory MFA app.

In that sense, I am not sure it is so different from passkeys?

valenterry 6 days ago

Now you are not comparing passwords with passkeys anymore, but MFA with passkeys. Not sure what the point is in the context of the discussion.

> In that sense, I am not sure it is so different from passkeys?

Yes, if it means "company specific SSO" and a company chooses to force you to use the hardware they decided on, then that is in fact not very different from the passkey constraints.