Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Why would a website leave you with an account but no way to log in aside from the account recovery procedure?


You register from your MacBook, then add your Android phone, then remove your MacBook key, the lose your Android phone.

The messed up thing is that the simplest backup option is a magic login link which is obviously less secure. Also you cannot sink a passkey between platforms unless you use a third party Authenticator so you have to have a backup method of some sort even if not for recovery reasons.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: