Stories
Slash Boxes
Comments

SoylentNews is people

This discussion has been archived. No new comments can be posted.
If you could only have one piece of SN swag, what would it be? | Log In/Create an Account | Top | 90 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Interesting) by TheRaven on Monday March 30 2020, @03:43PM

    by TheRaven (270) on Monday March 30 2020, @03:43PM (#977246) Journal
    I'm starting to like things that use WebAuthn. I use it with Windows Hello (stores the key in the TPM, access controlled by biometrics) and with GitHub's SoftU2F on Mac, which stores the keys in the keychain and provides an emulated U2F device. In both cases, the credentials are more secure than a password stored in a key manager. The macOS version is less secure, because a root compromise can extract the key, but a compromise of my account can only do online attacks, it can't exfiltrate the key on either version (WebAuthn shares a public keypair and each login just signs something with the private key that can be validated by the public key).
    --
    sudo mod me up
    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3