I was reading a story about one of the inventors/designers of passkeys, and he felt the implementation was a fucking shitshow. Wish I could find that article again.
this post was submitted on 19 Aug 2024
-31 points (24.6% liked)
Technology
58011 readers
2831 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
This shit better be opt-in.
Oh it is, you just opt-in to not using that piece of shit Twitter.
Why? Passkeys are great. Though X can probably screw them up somehow.
Passkeys are a great option for people that don't wanna deal with managing their passwords and have some else do it for them. That's not everyone though, some prefer staying in control, so it should always stay optional.
Passkeys do one thing right. They are based on asymmetric keys as a proof of knowledge instead of transmitting the password.
I’ve been using a password manager for ages, and passkeys for a long time now.
What about passkeys is a loss of control? I’m 100000000% more likely to use them when supported, usernames/passwords are so janky, as are SMS/email-based 2FA (and the stupid “magic passcode” that makes you check your phone/email every time you sign in); for average users it greatly reduces the risk of phishing, etc.
If I want to delete one I can do just that.
Websites that require username/password + passkeys are annoying as hell though.
I only keep it installed for service outages and breaking news. I don't need an extra layer of bullshit to wade thru to see if Xbox servers are down.