zlacker

[return to "Do not download the app, use the website"]
1. wouldb+Ha 2025-07-25 23:27:34
>>foxfir+(OP)
I understand but it’s not always with bad intentions.

In the Netherlands we have a system called DigiD to log in to most government websites, like your taxes and city, etc.

When I contracted for the city of Amsterdam I learned they’ve been pushing hard for the DigiD app to two-factor authenticate instead of text message because, due to contracts, DigiD charges a lot per text message validation and none for the app.

2. nehal3+5d 2025-07-25 23:48:13
>>wouldb+Ha
True, but it does force citizens into a contract with either Apple or Google. I don’t think that is a good idea both from the perspective of individual freedom and national sovereignty.
3. Beijin+ld 2025-07-25 23:50:20
>>nehal3+5d
Nothing beats a hardware token.

I would also use Yubikey for banking, but I am scared as f. what happens if I lose it while traveling abroad.

4. esseph+Zd 2025-07-25 23:57:58
>>Beijin+ld
Carry two, leave another in a safe somewhere in your home country?

Otherwise, yeah... Passkey it is

5. devman+Mx 2025-07-26 03:46:34
>>esseph+Zd
The principal issue with hardware keys as implemented today via FIDO2 or U2F is that you can't enroll them without having them in your physical possession, which means if you have a backup key stored offsite, you have to fetch it anytime you sign up for a new service.
6. Wilder+qH 2025-07-26 06:01:30
>>devman+Mx
A good strategy for this is to enroll it at day 0 for the most sensitive systems (e.g., password manager, email accounts). This way you are able to use it as a backup in the sense of giving the option to reset or access (e.g., via backup codes) all the services, without being necessarily enrolled in all of them.