yarn.meff.me @<prologic https://twtxt.net/user/prologic/twtxt.txt> "I got promoted today to try using Passkeys on [Github.com](https://github.com). Fine 😅 I did that, but I discovered that when you use your Passkey to login, Chrome prompts you for your device's password (_i.e: The password you use to login to your macOS Desktop_). Is that intentional? Kind of defeats the point no? I mean sure, now there's no Password being transmitted, stored or presented to Github.com but still, all an attacker has to do is somehow be on my device and know my login password to my device right? Is that better or worse? 🤔"

Yarn

Recent twts in reply to #drg7gqq

I got promoted today to try using Passkeys on Github.com. Fine 😅 I did that, but I discovered that when you use your Passkey to login, Chrome prompts you for your device’s password (i.e: The password you use to login to your macOS Desktop). Is that intentional? Kind of defeats the point no? I mean sure, now there’s no Password being transmitted, stored or presented to Github.com but still, all an attacker has to do is somehow be on my device and know my login password to my device right? Is that better or worse? 🤔

#drg7gqq