Comment by foxyv

4 months ago

They also store passkeys for logging into websites with biometrics and PIN.

So do hard drives.

  • Yeah, you can implement a software based method using PBKDF2 or BCrypt. This is why most password managers use a "Master Password." They are much less convenient than hardware based keys like Yubikey and HSMs/Secure Enclave.

    • Secure enclave is not an alternative for Yubikey because the program inside enclave cannot tell if the request comes from the user or from malware.

      1 reply →