PIN requirements on fido2 / #webauthn implementations have added such a huge amount of cognitive overload for people who can barely remember any passwords and are now having a USB device threaten to metaphorically self-destruct if the user enters one of three possible PINs wrong more than eight times.
Yubico's help pages are so laden with cryptic jargon that they're largely useless for anyone except security nerds. Like literally any stressed-out journalist would just start sobbing if I sent them this: https://support.yubico.com/hc/en-us/articles/4402836718866-Understanding-YubiKey-PINs #infosec #UX
=> More informations about this toot | View the thread | More toots from huertanix@tenforward.social
=> View webauthn tag | View infosec tag | View ux tag This content has been proxied by September (3851b).Proxy Information
text/gemini