undefined | Better HN

0 pointsfigassis14d ago0 comments

I'd like to think I am pretty security conscious, but I still don't get the obsession with magic links (and passkeys). This is the one thing where I think I disagree with most of the industry. I thought forgetting passwords was a solved problem. I thought 2fa is much faster than searching for the last email for X provider the maybe takes 1 minute to arrive, requires retries and high tend up in spam? Some one please help me get on board.

0 comments

n4r910d ago

It depends how convenient it is for you to constantly be carrying devices that have 2fa software or the correct SIM card installed. I might prefer to simply access my email account, which I know how to do anywhere.

esseph14d ago

Autofill of password manager creds is an attack vector.

Passkeys and email links prevent things like: clipboard interception, malicious iframes, fake login UIs, etc.

j / k navigate · click thread line to collapse

0 pointsfigassis14d ago0 comments

0 comments

n4r910d ago

esseph14d ago

Autofill of password manager creds is an attack vector.

Passkeys and email links prevent things like: clipboard interception, malicious iframes, fake login UIs, etc.

j / k navigate · click thread line to collapse