Passkeys with no user verification provide more or less the same security as email OTP right?
05.03.2026 10:31
π 3
π 0
π¬ 1
π 0
Passkeys with no user verification provide more or less the same security as email OTP right?
Yeah it's not great but I don't think the premise is that bad either and this is infinitely better than forcing applications or OSes to do age verification by using AI or collecting IDs
The whole point of the legislation seems to be:
1. Allow parents to have more control over their children's online activity
2. Force applications to respect parents' decisions and do basic age checks
3. Make enforcing COPPA etc easier
I can't tell if "applications" include websites tho. The text seems to treat "software applications" and "websites" differently but idk
We might see a new web API or HTTP header?
The bigger issue is that apps have to request for the age bracket info even if they don't have a use for it. It also seems to apply to ALL devs/apps
I wonder if the signal will be included in env vars or something like that so it's technically requested by all software by default
The California law to require "age verification" in OS doesn't really seem to be about age verification. It just mandates OSs to allow parents to create accounts for children and for apps to use the age info of accounts
I get to like 80 wpm comfortably and 100 if I try hard enough. Not efficient but it works
The big downside is that this only really works on MacBooks lol
Behold my terrible keyboard finger position
blue: thumb
green: index
yellow: middle
red: ring
pink: pinky
βͺIβm finding Goβs standard library to be very helpful because it supports a lot of public key formats on top of the signing algorithms but creating a parser for them is still doableβ¬
βͺHandling attestation statements is probably a different story thoβ¬
Back to WebAuthn after a year and Iβm fully convinced you donβt need a library for it
Well except for the crypto stuff
Implementing this in Go right now but my allergies are killing me
Looks like the bug has existed for over a year!a
www.1password.community/discussions/...
Passkeys are broken on the Nintendo Account's website because there's a bug in their base64url decoding lol
Do you see the issue?
Eh I think it's fine for passkeys to be opt-in ("Do you want create passkey?") until Apple and Google figures out how to explain them to normies
I don't hate passwords but it's not super user friendly once you have complex password requirements. It's great for those who use a password manager but these people already use (or can use) passkeys
Adding back-up passwords might not hurt but again more complexity
One possible issue I guess is that passkeys are significantly stronger than email OTP so some users might prefer to have the option to add a second factor (passkey or security key) with email OTP or outright disable it
Adds complexity but imo worth it for security sensitive appp
Email OTP is the best option for the regular user
Passkeys are the best option for more tech literate users
Provide both and you got a login system that's better than most apps
The web as a whole ignore bilingual users
Doesn't work unfortunately, especially for programming stuff
The only solution I've found is to literally add "in English" to the search
I need to create a browser extension that appends "in english" to all google searches because I'm fucking tired of getting japanese results for everything
How can I say no to a 20% discount?
I couldnβt resist
Itβs sooo good. Itβs so much better than my Sundara. Super clean and surprisingly wide sound. Great build quality too
Nah just made some wrong analysis
Had a feeling something was wrong and found some glaring issues after a few days. Super glad I didn't rush it out
Very proud of this one :)
I'm seeing wildly inconsistent performance (2x) between different Hetzner instances of the same type
I believe the bottleneck is the memory bandwidth
Trying to map the names of Japanese and US cuts of meat is a whole another issue as well. Finding a good thickness too. Why are the steaks either 1 cm or 10 cm??
I did learn recently that Japan does have native breeds of cows that's less marbled but they only accounts for like 1% of the total population. Really expensive too
Finding a good cut of steak feels impossible in Japan. You can only find cheap stuff from Australia or really expensive wagyu that's 90% fat. I haven't seen US Prime in 4 years. Where's my dry aged or A2 wagyu?
I fucking hate LINE and PayPay sooooo much
Both of them have every single thing I hate about Japanese UI/UX design distilled into them
Didn't try the high-end hifimans but I didn't find their other headphones with a similar shape to be super comfortable