Comment on Passkeys Explained: The End of Passwords
Triumph@fedia.io 1 day agoThink of passkeys like they’re backups.
If you have one, you have none. If you have two, you have one. If you have three, at least one of them has to live offsite.
There are a ton of people who can’t reliably meet the “three” threshold, and plenty who can’t meet the two.
CompactFlax@discuss.tchncs.de 1 day ago
Good way of putting it. How many people have three devices they can use for storing passkeys? I don’t and I’m a nerd.
Triumph@fedia.io 1 day ago
I do; or at least I can. But really, Device #2 should be in a fire safe, and Device #3 should be in a safe deposit box. These should be "set and forget" devices, not just "the laptop that I use and the phone that I use". Those are additional costs, additional planning, additional effort, additional administration (because you need to also be checking that these cold devices still work on a scheduled basis), maybe additional required skill (depending on what you want these set and forget devices to be). You need to have an appropriate place to keep that fire safe. And when one of those cold devices doesn't work anymore, you have to figure out why and likely replace it.
To do it right, you really have to have your shit together. That I don't.