“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.

  • Pyflixia@kbin.melroy.org
    link
    fedilink
    arrow-up
    10
    arrow-down
    6
    ·
    15 days ago

    Whenever I read stuff like this, my mind goes a bit hazy. Because I’m just finding myself asking ‘Why and when did the simple mechanic of passwords get this difficult?’

    Maybe if password requirements weren’t stingingly stupid, companies cared more about actual security and not an obstacle course they’ve gotta send people through to do one thing. We wouldn’t ever know or need to know systems like this.

    • 4am@lemm.ee
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      1
      ·
      15 days ago

      With passkeys you never need to worry about the storage method used by the site. Some sites STILL store passwords in plaintext. When that database gets hacked, it’s game over.

      A public passkey, even stored in plaintext, is useless to an attacker.

      Maybe that doesn’t matter for you or me, with our 64-character randomly generated passwords unique to each service, but the bigger picture is that most people just use the same password everywhere. This is how identity theft happens.

    • Encrypt-Keeper@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      2
      ·
      15 days ago

      Passkeys are much simpler to use than passwords, password managers, 2FA etc. if simplicity is your goal, Passkeys are your personal wet dream.