Comment by nehal3m
8 months ago
True, but it does force citizens into a contract with either Apple or Google. I don’t think that is a good idea both from the perspective of individual freedom and national sovereignty.
Nothing beats a hardware token.
I would also use Yubikey for banking, but I am scared as f. what happens if I lose it while traveling abroad.
I wish that was an option, in most cases the phone becomes the hardware token, and that can be lost too. Or broken, or out of power or without internet connection.
I even have a personal anecdote. My wife "lost" her phone in Iceland. I made her log in to find-my-phone with her Google account, and 2FA was needed. Thankfully she had her Yubikey in her keychain (plus, we enrolled each other's key), so she was able to log in. Push notification or TOTP/SMS were all not an option.
I think it should be standard to allow registering multiple tokens, which would be equivalent to a backup for your purposes.
You can copy this if you buy two. You would have to store one somewhere, where it can be fedexed to you.
I don't want a hardware token generator since it is guaranteed that I will lose it.
Carry two, leave another in a safe somewhere in your home country?
Otherwise, yeah... Passkey it is
The principal issue with hardware keys as implemented today via FIDO2 or U2F is that you can't enroll them without having them in your physical possession, which means if you have a backup key stored offsite, you have to fetch it anytime you sign up for a new service.