The problem is, for a few seconds, the site is relying on the user knowing the code, so what we thought was a physical “something you have” factor is actually just a kind of second knowledge factor. 8/pic.twitter.com/pEp7srGqpV
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
Saluti you can read it here: Thread by @mrisher: "Okay, here’s the deal with Security Keys and , because even some experts don’t really get it. HT @boblord and @ […]" #phishing #WebAuthN https://threadreaderapp.com/thread/1111651130570792962.html …
See you soon. 
Does Google still use only U2F instead of FIDO2? What's the thinking there and the timeline for updating?
Good thing this important information is in an ephemeral Twitter thread instead of...oh, I don't know...a blog post that will hang around a while and be searchable. Thanks for the effort though.
Honest question: what do you do in the event your security key is lost or stolen?
Good point: Because the user is saying “don’t let anyone in without the key,” we worry about this. For Advanced Protection, all users need to register a backup key to prevent this problem
A+ recommendation.
In my car about to drive after having lunch! But yeah. Strong supporter of keys. My FIDO2 yubikey and my Yubikey 4 I think it is? Lol. I also have the github yubikey at home....pic.twitter.com/U8LVi35xyy
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.