Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Every passkey setup flow I've ever seen has allowed me to use a hardware key or the OS provided store. Am I missing something?


Have you:

A) read the article, paying particular attention to the screenshots therein (ESPECIALLY particularly to the user experience on an Apple device), and

B) noted the part of my comment where I say that I should be able to set the choice of using hardware keys one time instead of needing to do so every time I create a new credential?

Today it's so hard to use a hardware key with Google Play Services that I (a software developer who actually works in this field) have had users tell me their phone didn't let them do it at all. In reality, the support was there, is was just so unusable they didn't even understand they had that option.


Some flows might allow only Platform authenticators (disallowing external hardware keys)

https://developers.yubico.com/WebAuthn/WebAuthn_Developer_Gu...

https://www.reddit.com/r/webauthn/comments/197ggm7/comment/k...

The only one that I witnessed, is the optional passkey for restoring your Whatsapp account




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: