Hello, tone-policing genocide-defender and/or carnist 👋

Instead of being mad about words, maybe you should think about why the words bother you more than the injustice they describe.

Have a day!

  • 0 Posts
  • 157 Comments
Joined 1 year ago
cake
Cake day: June 10th, 2023

help-circle










  • Ah. If we’re talking mobile, all bets are off. FIDO prompts require Apple and Google to provide the necessary APIs for third-party devs to use, and are still somewhat new. It’s likely that since iOS browsers are still just re-skinned WebKit (until the EU stuff settles and Mozilla implements Gecko on iOS), FF on iOS can leverage the OS APIs, but making it work with Gecko on Android requires more work.

    I was referring to desktop, where those limitations aren’t a hindrance.





  • FYI: the people in here recommending the open source competitors for Yubico aren’t mentioning one thing: YubiKeys, being proprietary, support a proprietary protocol called Yubico OTP in addition to the FIDO authentication protocol that the open source competitors can do.

    The reason this matters is that some applications, like the Linux Bitwarden desktop app (there are others, but this is one that I’ve had to deal with), don’t support FIDO authentication, but do support Yubico OTP. This means that, for those apps, the open source keys wouldn’t be a valid authentication method.

    Granted, the number of applications like this are small, and probably grows smaller by the day, but it’s an important distinction to be aware of.