Wouldn’t it be far more prudent to use a small esp32 USB with a few given serial commands?

/key sends a copy of your public key.

/sign tells the device to sign a challenge.

The challenge should include the site URL, UTC time, and a nonce. Facilitated by a browser extension to prevent URL spoofing.

There’s no reason why sites should have to pay a fee to allow their own users to login. Or, for security keys having to rely on authentication servers.

Both techniques force both server operators and users into dependence upon external systems.

submitted by /u/ki4jgt [link] [comments]r/CryptoCurrencyRead More

You might also be interested in reading MARKET REPORT: MoneySupermarket gets boost from insurance arm.