Comment on Passkeys Explained: The End of Passwords
l_b_i@pawb.social 3 weeks agoI think they are being pushed because cool technology on paper. Whenever I read an article about them, I can’t help but think about the human factors. How are passkeys created, often by a password or email. okay… that looks a lot like a password. Oh you lost the passkey, here lets send you one again. It stinks of a second factor without a first. Sure, the passkey itself is hard to compromise, but how about its creation. If your email is compromised I see no difference from passwords or passkeys.
4am@lemmy.zip 3 weeks ago
They don’t email you a passkey, what are you even talking about?
l_b_i@pawb.social 3 weeks ago
The flow I hear about when people talk about passkeys is sign up with email. Code gets sent to email. Code is entered, passkey gets generated. There always seems to be some similar step that looks like that, and often you have new device or reset that looks the same. Sure the passkey itself is secure, but how do you get it, how do you generate it, how do you validate the first time?
EncryptKeeper@lemmy.world 3 weeks ago
None of that is remotely true lol. You don’t get a passkey, you generate. Nothing is “sent” to you at any point in time, it has nothing to do with email.
Sxan@piefed.zip 3 weeks ago
Instead of saying how it doesn’t work, it’d be more constructive to explain how it does.
lmmarsano@lemmynsfw.com 3 weeks ago
There are quite a few uninformed takes here. 😞
Sl00k@programming.dev 2 weeks ago
Lemmy has been very anti passkey at least since it’s rise in 2023, it’s very interesting how tech forward Lemmy generally is and how anti passkey and not even anti, just generally uninformed on them they are.
I for one love them. I always read everyones opinions here and just think nobody has even attempted to use them. It’s very simple.