• m-p{3}
    link
    fedilink
    161 year ago

    If you’re using a hardware token like a YubiKey then you do need to enter your PIN before being able to use it.

    The main benefit is that you cannot extract the Passkey from the secure element (the token cannot be transformed from what you have to what you know) and it cannot be phished through a fake domain as the challenge-response will not match.

    • @[email protected]
      link
      fedilink
      English
      31 year ago

      I like the yubikey bio series so you use a fingerprint on the key itself. Fido2 only right now