The trouble with decommissioning a used FIDO security key

Might be useful to mention this on the website.

1 Like

Many services have neither let me add multiple keys, nor allowed me to remove my key once added.

This is a bunch of nonsense. I seriously doubt this is the case on any even slightly reputable service. Even if this was an issue, it would be an exceptionally poor implementation on the service providers’ part, not an issue with hardware keys or passkeys. You’d face the same issue if you were forced to set one password and could never change it. That would arguably be worse since a password can be stolen in a data breach.

2 Likes

The problem I have now, which I foresaw five years ago, is that I can never throw away my old key. I’ve logged in and replaced it everywhere I remember adding it, but I’m sure there are plenty more that I’ve forgotten.

This was an odd article. It seems like his actual complaint is that he can’t remember which accounts he has old YubiKeys attached to. This should not matter since you can just reset your old YubiKey, which “will effectively unregister your key with any accounts”.

2 Likes

Why not throw it? You still need passwords for that other part of the 2FA?