W3C home > Mailing lists > Public > public-webauthn@w3.org > January 2021

Re: [webauthn] Clarify how a user can authenticate from multiple devices (#151)

From: Dominic Tobias via GitHub <sysbot+gh@w3.org>
Date: Sun, 10 Jan 2021 15:28:52 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-757494694-1610292531-sysbot+gh@w3.org>
> I don't disagree with the current economics @mamartins / @Oloompa. $10 is too expensive for APAC. For now. But, all new technologies go through this curve. What some industries should recognize is that it will be less expensive for them to give away Security Keys to customers than to waste time/money with all the other crap they buy/implement to do "risk scoring" on the back-end to minimize breaches and fraud.

This is an interesting point, maybe I'm naive here but I have a Yubikey and it has nothing that authenticates me. All someone needs to do is steal/find it and have access to my accounts. How is that more secure than a password!?

-- 
GitHub Notification of comment by DominicTobias
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/151#issuecomment-757494694 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Sunday, 10 January 2021 15:28:53 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:38:40 UTC