Do not use a vendor for managing passkeys. Use a self hosted password manager li... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		udev4096 9 months ago \| parent \| context \| favorite \| on: The cryptography behind passkeys Do not use a vendor for managing passkeys. Use a self hosted password manager like vaultwarden. Or spin up an OIDC provider with pocket-id. Using a vendor is just pointless and should be avoided at all costs

taeric 9 months ago [–]

I do that. Largely. I prefer hardware tokens.

I also have to confess this is clearly less convenient than having Apple or Google manage them for me.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact