Personally speaking: Fuck adding another app to my phone. Go visit justwatch.com
mars
joined 1 year ago
Some would say he's a product of his time (thyme?)
Well, it's a full keypair being stored: Authenticators like Bitwarden need to first provide the public key to the relying party (RP) so the RP can issue the encrypted auth challenge. The challenge then is handed back to the authenticator, user verification happens, then the challenge is signed by the private key and sent back to the RP for verification to complete the auth ceremony.
You're thinking about "device-bound passkeys". Bitwarden and any other third-party credential manager leverages "synced passkeys" because they don't control the hardware.
Synced passkeys are actually called out in the FIDO Alliance's FAQs as preferred since they more closely align with the desired replacement of traditional passwords.
It's an interesting thought to consider that without access to centralized distribution platforms like app stores, something incredibly similar is created in its place: The so-called "super-app" (e.g. WeChat, Alipay).
No problem! Best of luck. 🙂
Modern social media: Feed algorithm bots curating and serving up bot-created content for other bots to create fake engagement on so that advertising bots can find the real humans that still exist in the desolate wastelands and market them bot-created ads.