alyandon 4 days ago

  (1) is already true today. There is no way for services to enforce whether a passkey is stored in software or hardware.
Challenge: Go and try to register a non-blessed passkey type with PayPal and come back and share your experience.

  (2) I understand you don't like the user experience
Pretty much my complaint. Passkeys allow for service providers to do dumb things that result in terrible UX. With Password + TOTP, I don't get asked to touch a sensor, enter a PIN, enter an unlock password, etc.
spencerflem 4 days ago

I actually kinda like the enter-a-PIN flow; it makes me feel a lot safer about letting someone hold my phone. I just hate the lock-in it adds.