Comment

Comment on Passkeys Explained: The End of Passwords

I’m not really concerned about the security of it. Moreso the inconvenience of having to open my email client, specifically on the same device, and then sit there and click the refresh button over and over, waiting for it to come through, and then having to go back and delete it after so there’s not even more clutter in my inbox…

source

Sort:hotnew top

filcuk@lemmy.zip ⁨1⁩ ⁨day⁩ ago
Refresh…Refresh…Refresh…
Send new link…
Message arrives…
‘This link is no longer valid’

source
Septimaeus@infosec.pub ⁨1⁩ ⁨day⁩ ago

I’m not really concerned about the security of it. Moreso the inconvenience…

Honestly, convenience is security (change-my-mind lol) insofar as it measurably impacts rate of user adoption/adherence and thus outcomes.

It’s the annoyance you describe that leads most users to forego opt-in 2FA until it’s forced on them, for example.

Device-based PassKeys are the only near-universal mass-adoptable solution to that problem of convenience that I’ve heard proposed so far, although implementation has lagged until very recently.

source
- artyom@piefed.social ⁨1⁩ ⁨day⁩ ago
  
  convenience is security (change-my-mind lol)
  
  Not at all. Typically they’re opposites. But I understand what you’re trying to say. More convenience leads to better security.
  
  source
  - Passerby6497@lemmy.world ⁨23⁩ ⁨hours⁩ ago
    If it’s more convenient to be insecure than secure, users will pick insecure every time. There’s a reason there are so many bad password in the top passwords in breach dumps.
    
    I have to tell myself every time I go through some of my login flows that inconvenience to me means more so to an attacker, but most people don’t have an adversarial mindset and just want it to work.
    
    source
    artyom@piefed.social ⁨20⁩ ⁨hours⁩ ago
    User inconvenience is not at all the same thing as security.
    
    source
    -> View More Comments
  - Septimaeus@infosec.pub ⁨1⁩ ⁨day⁩ ago
    Yeah you get it. I just have a bone to pick with colleagues that embrace anti-user methods needlessly. Convenience = security is a “slow = fast” type of spiel.
    
    source
    sem@lemmy.blahaj.zone ⁨1⁩ ⁨day⁩ ago
    Don’t forget the intermediary
    
    Slow is smooth, and smooth is fast.
    
    source
    -> View More Comments