Lost Keys, Found Frustrations: FIDO2's Design Dilemma

FIDO2, while laudable in its intent, falls short when it comes to user convenience and practicality. The protocol’s reliance on unique hardware tokens introduces a significant point of failure for users. Misplacing a FIDO2 hardware key is akin to losing your house keys, but with potentially far-reaching consequences - it’s a digital lockout, with recovery often proving to be a painstaking and time-consuming process. For a taste of this, just look at the YubiKey lost key guide. The advice is almost laughable - use a backup key or an alternative authentication method. It’s like suggesting one use a spare key or climb through a window after losing their house keys.

Now, imagine a different scenario, one inspired by BIP39 principles, where a memorized mnemonic is used to deterministically generate a master key. This master key then allows for the deterministic derivation of all necessary keys (BIP32). This approach would be a substantial improvement - instead of managing multiple hardware tokens, users would only need to remember or securely store a single mnemonic. This deterministic method is not just user-friendly, but also resilient. Lose your hardware token? No worries - simply regenerate your keys using your seed phrase. By directly inputting the mnemonic into the hardware token (as done by Ledger or Trezor), the exposure risk of the mnemonic is significantly reduced.

Of course, the risk of mnemonic theft is a valid concern. However, it’s a risk that can be mitigated through robust security measures like encryption and secure storage. This risk isn’t unique to the BIP39-style design either. In the existing FIDO2 model, if a hardware token is stolen, all linked accounts are vulnerable. While FIDO2 hardware keys are protected by a PIN, this is cold comfort when the key itself is lost.

A BIP39-inspired design would return control to the users, freeing them from reliance on physical tokens that can be lost, stolen, or damaged. Instead, users would just need to remember or securely store their seed phrase. This approach is not only more flexible and resilient, but also more user-centric. It’s perplexing that FIDO2 overlooked this approach - a missed opportunity that leaves us grappling with the unnecessary inconvenience of hardware tokens.

Feeling adventurous? Implement Shamir’s Secret Sharing, distribute your mnemonic ‘Horcruxes’ among trusted family and friends, and voila - your digital identity is now truly decentralized.

Disclaimer: Passkeys (effectively multi-device FIDO credentials) address some of the issues raised in this post, but they, well, sync your private keys.