
No, it is technically correct for nondiscoverable mode. Naturally, there should be low value in breaking the opacity of the stored key as it should be a private key only used with the server that holds it. (But it would still mean many sites requesting that you replace any token found to have such a defect.)


Not sure why reality is so controversial; here are references for anyone who wants to know how a (standard) unlimited FIDO hardware token works:

https://security.stackexchange.com/questions/237271/where-ar...

OTOH for resident keys they usually support 50-100.
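Added example, not part of the thread or the linked answer: a toy model of why a non-discoverable token can serve an unlimited number of sites. It assumes one common design, HMAC-based derivation from a single device secret instead of encrypting a private key into the handle; the class and method names are hypothetical.

```python
import hashlib
import hmac
import os

NONCE_LEN = 32
MAC_LEN = 32


class StatelessAuthenticator:
    """Toy model of a token that keeps one secret and no per-site records."""

    def __init__(self, device_secret=None):
        # The only long-term state on the token (random, constructed here).
        self._secret = device_secret or os.urandom(32)

    def _seed(self, rp_id, nonce):
        # Per-credential private-key seed, re-derived on demand, never stored.
        return hmac.new(self._secret, b"seed|" + rp_id.encode() + b"|" + nonce,
                        hashlib.sha256).digest()

    def _tag(self, rp_id, nonce):
        # Binds the handle to this token and to this relying party.
        return hmac.new(self._secret, b"tag|" + rp_id.encode() + b"|" + nonce,
                        hashlib.sha256).digest()

    def register(self, rp_id):
        """Return the opaque key handle that the server stores."""
        nonce = os.urandom(NONCE_LEN)
        return nonce + self._tag(rp_id, nonce)

    def recover_seed(self, rp_id, key_handle):
        """Re-derive the seed from a handle, or None if the handle is foreign."""
        if len(key_handle) != NONCE_LEN + MAC_LEN:
            return None
        nonce, tag = key_handle[:NONCE_LEN], key_handle[NONCE_LEN:]
        if not hmac.compare_digest(tag, self._tag(rp_id, nonce)):
            return None
        return self._seed(rp_id, nonce)


def demo():
    # 1000 registrations, zero bytes of per-credential storage on the token.
    token = StatelessAuthenticator()
    handles = [token.register("example.test") for _ in range(1000)]
    seeds = {token.recover_seed("example.test", h) for h in handles}
    wrong_site = token.recover_seed("other.test", handles[0])
    other_token = StatelessAuthenticator().recover_seed("example.test", handles[0])
    return len(seeds), wrong_site, other_token
```

A resident (discoverable) credential cannot work this way, because the token must be able to list it without the server first supplying a handle, so each one consumes storage on the device.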



