Comment on Security expert reveals surprising way to make your password stronger: use emojis
coffinwood@feddit.de 7 months agoThank you for explaining. That’s a thing most sites leave out: tell people how the keys cannot be stolen while still working on a different device.
ricecake@sh.itjust.works 7 months ago
Big reason for that is the spec for how this all works being around for a while, giving people a lot of time to write about the core of how it works, but the viable popular implementations are far newer, so articles still haven’t been updated, and doing the key transfers is still one of the newest parts that the big vendors don’t want to talk about yet, because they still have to get their patents fully approved and everything.
What I described above is one way to move data between two devices in a secure way with a trusted intermediary to verify identity, but I have no idea if it’s how any major vendor actually does it, because they haven’t made that data public. It’s just what’s obvious to a sufficiently informed subject matter expert.