# I am the Watcher. I am your guide through this vast new twtiverse.
#
# Usage:
# https://watcher.sour.is/api/plain/users View list of users and latest twt date.
# https://watcher.sour.is/api/plain/twt View all twts.
# https://watcher.sour.is/api/plain/mentions?uri=:uri View all mentions for uri.
# https://watcher.sour.is/api/plain/conv/:hash View all twts for a conversation subject.
#
# Options:
# uri Filter to show a specific users twts.
# offset Start index for quey.
# limit Count of items to return (going back in time).
#
# twt range = 1 7
# self = https://watcher.sour.is/conv/drg7gqq
I got promoted today to try using Passkeys on Github.com. Fine 😅 I did that, but I discovered that when you use your Passkey to login, Chrome prompts you for your device's password (_i.e: The password you use to login to your macOS Desktop_). Is that intentional? Kind of defeats the point no? I mean sure, now there's no Password being transmitted, stored or presented to Github.com but still, all an attacker has to do is somehow be on my device and know my login password to my device right? Is that better or worse? 🤔
I got promoted today to try using Passkeys on Github.com. Fine 😅 I did that, but I discovered that when you use your Passkey to login, Chrome prompts you for your device's password (_i.e: The password you use to login to your macOS Desktop_). Is that intentional? Kind of defeats the point no? I mean sure, now there's no Password being transmitted, stored or presented to Github.com but still, all an attacker has to do is somehow be on my device and know my login password to my device right? Is that better or worse? 🤔
@prologic That boycott didn't last very long, eh!?
Yeah, sounds like another hype train arriving at the station.
@prologic I'm speculating, but if I had to guess I'd say it's probably asking for your user password in order to access some user keyring (or whatever your OS uses to manage user secret credentials) used to safely store your passkeys related data in order to do its passkeys _/ME doing air quotes_ Magic™ ... you could try with a different password manager to avoid said scenario.
Also, passkeys UX sucks.
@prologic I'm speculating, but if I had to guess I'd say it's probably asking for your user password in order to access some user keyring (or whatever your OS uses to manage user secret credentials) used to safely store your passkeys related data in order to do its passkeys _/ME doing air quotes_ Magic™ ... you could try with a different password manager to avoid said scenario.
Also, passkeys UX sucks.