While true, other scenarios do come into play, like “I’m using a FIDO key but I dropped it down a storm drain”. Meaning you pretty much have to provide some recovery mechanism, since you can’t really require the user to have a backup device.
Indeed, but some “security” guys frown deeply about the private key ever leaving a specific hardware device, because the second it can be backed up they freak out that it could, theoretically, be stolen. It’s hardly a practical concern, but there’s a lot of security people that don’t care about practical considerations.
I see it more neutrally - the concern isn’t wrong after all. Security is always to be balanced against convenience.
I consider being locked out for good so inconvenient that I’m willing to sacrifice a bit of security to avoid it. But everyone has to find what works best for them.
While true, other scenarios do come into play, like “I’m using a FIDO key but I dropped it down a storm drain”. Meaning you pretty much have to provide some recovery mechanism, since you can’t really require the user to have a backup device.
That’s why I don’t use hardware tokens. They are more secure but they can break or get lost/stolen. My authentication app supports backups.
Indeed, but some “security” guys frown deeply about the private key ever leaving a specific hardware device, because the second it can be backed up they freak out that it could, theoretically, be stolen. It’s hardly a practical concern, but there’s a lot of security people that don’t care about practical considerations.
I see it more neutrally - the concern isn’t wrong after all. Security is always to be balanced against convenience.
I consider being locked out for good so inconvenient that I’m willing to sacrifice a bit of security to avoid it. But everyone has to find what works best for them.
Get out of here with your pragmatism. We’ll have none of that in this security context.