Internet Identity and iCloud private keys sync

Identity system is sharing keys via apple cloud. Can someone from DFINITY shed some light into this? How is my second device using the private keys from the first registered device?

So either I use Yubikey to authenticate everytime with my mobile phone…

Seems excessive

What if someone gained access to my iCloud? Is it sooo over then?

We are working on an alternative way of authenticating with II, that does not require you to buy a YubiKey and does not synchronize with iCloud.

However, there are other trade-offs with that method:

  • It relies on browser storage, which Apple conveniently deletes every 1 or 2 weeks if unused (to avoid tracking)
    It is essential to have a recovery phrase ready when using that method, because the key will likely get deleted every now and then.
  • You will be required to enter a PIN when authenticating with II (as a stand-in for biometrics)

I will update this thread once it is ready.