Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

That has nothing to do with anything. Think of this as a password, except the password is autogenerated and stored on the device itself. And you can have multiple passwords for the same account.


Who is allowed to add an additional password and how are they authenticated? The answer has to be simple enough for me to understand if I'm to consider using passkeys.


All that is up to the website to decide. This protocol is only for user authentication between the browser and a website.


The authentication scheme it seeks to replace has an answer for this. Sounds like a drawback.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: