Jxck
2019-10-15
when you register Security key for login to service, you’ll get recovery code for losing key. to store recovery codes safely is not easy, so I save them into password manager (1Password).
so if there are some semantics to mark recovery code up, manager can recognize them for saving, using, revoking automatically.
like below (It’s only a concept, valid semantics need discussion)
<!-- manager save each code automatically -->
<ul>
<li type=recoveryCode>asdf rewq</li>
<li type=recoveryCode>lkjh poiu<li>
</ul>
<!-- manager use one of recover code list, fill automatically, revoke used code -->
<input type=recoveryCode>
in this case, user can recovery service account when losing hardware key if password managers are accessible.