My major objection to security keys is simple: I am a forgetful motherfucker and I will lose a tiny physical key within hours, and the backup immediately after that
https://www.theverge.com/2023/11/15/23962443/google-titan-security-key-passwordless-login
@scalzi How about standardizing the use of ssh keys instead? They always work, do not require a password, are extremely secure, and they're free. Is it because they're free that everyone wants to manufacture keys now? I'm going to start enabling them on websites for logging in --> me <-- to see how impossibly difficult this must be for corporations to even consider manufacturing more electronic, disposable, toxic-to-the-environment redundant crap designed to make a rich C-student CEO richer.
@Biggles @scalzi Sure. In the Valley, industrial spies were just breaking in & stealing hardware. Phishing was for amateurs.
I have no trust for physical locks of any kind. They just slow someone down, often not by much. Drive encryption helps. So does fingerprint ID. I could misplace a physical key or USB stick w/ssh keys. It could be stolen from my pocket. More difficult to misplace or steal a finger. Don't need more billionaire plastic e-waste.
Definitely not locks:
https://www.youtube.com/@lockpickinglawyer/videos