<![CDATA[I think it would be really fun to do a talk that's not just "intro to passkeys" but more "how can you mess up passkey implementation".]]>

<![CDATA[I think it would be really fun to do a talk that's not just "intro to passkeys" but more "how can you mess up passkey implementation".]]>I think it would be really fun to do a talk that's not just "intro to passkeys" but more "how can you mess up passkey implementation".

I know you can set up SSO so you don't link the SSO accounts immutably to an account. You 100% could do the same thing with passkeys, and I think proposing a talk would be good incentive to learn more about how passkeys work in detail (like how badly could you mess up a passkey request? Or is it really just that robust because the browser controls it? What if you roll your own in a custom app? Maybe the only issues are after the passkey exchange, but that still gives you a rich tapestry of fuck ups to choose from!)

Would you be interested in such a talk? What questions do you have about passkeys?

]]>https://board.circlewithadot.net/topic/0fb0f99e-ee0e-436d-bda1-5ec84ea589ca/i-think-it-would-be-really-fun-to-do-a-talk-that-s-not-just-intro-to-passkeys-but-more-how-can-you-mess-up-passkey-implementation-.RSS for NodeFri, 17 Apr 2026 09:23:03 GMTThu, 09 Apr 2026 10:12:28 GMT60