Hacker News new | past | comments | ask | show | jobs | submit login

Note I said “each of your devices.” Even if Google locks you out, they are all still on at least one of your devices (if not more).

My passkeys are shared with family members in iCloud (where they are synced to) for bus factor. I don’t recommend using Google for any consumer services if you can avoid it, especially syncing your password/passkey database, as there is zero support if something goes wrong.




There are stories of Apple locking users out of their iCloud accounts.


Can you provide source? I've never seen Apple locking someone out of their account à la Google, only rare dumb user errors in the system clearly designed to effectively prevent them.


Sure, here's a first search result for the query 'locked out of Apple account': https://www.businessinsider.com/apple-not-helpful-woman-lock...


This is theft. And it was possible because the thief had her password (by spying on her.) It is known that thiefs do this, changing the password and account details very quickly to lock someone out of their account. Apple recently introduced protections against this, called Stolen Device Protection, which users can enable in Settings.


And all of your passkeys should still be on each device in such a case. It’s sync, not a singular vault.


If you still have access to them, yes. Problem is if you don't. And we need to be mindful that it's easy for us to say these things being very digitally native, while there's a huge part of the population that isn't so digitally aware and relies on companies like Apple to "make everything work".


I don’t disagree. It’s why the FTC and other federal regulatory agencies should require some sort of identity bootstrap process if you lose all of your digital identity credentials.

I’ve submitted comments to this effect to the FTC, and I’d encourage others to as well. Email (where all roads currently lead) should not be your identity in the 21st century, and losing a device or Big Tech account shouldn’t permanently banish you from digital account access.

Some relevant comments I've written on the topic in this thread: https://news.ycombinator.com/item?id=38691082 | https://news.ycombinator.com/item?id=38691156




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: