| ▲ | josephcsible 2 days ago | |||||||
How is this any better than just storing the value in a password manager, or in YubiKey's "Static Password" mode? Also, the "ECDSA Public Key Recovery" picture makes me suspect this is AI slop. | ||||||||
| ▲ | sandeepkd 2 days ago | parent | next [-] | |||||||
I think if you are doing it in the browser then you bind the flow to the request origin making it phishing resistant compared to a static, origin agnostic storage | ||||||||
| ▲ | csuwldcat 2 days ago | parent | prev [-] | |||||||
How it's better: automatically synced across all a user's devices, not subject to manual interactions with input fields (you can't programmatically request/regen passwords the same way you can with this). I did use AI for the ECDSA public key recovery diagram, because I wasn't about to spend hours hand rolling that in Lunacy. It's correct in broad strokes, and anyone who wants to understand it more deeply can just look at the code, imo. | ||||||||
| ||||||||