The flow I hear about when people talk about passkeys is sign up with email. Code gets sent to email. Code is entered, passkey gets generated. There always seems to be some similar step that looks like that, and often you have new device or reset that looks the same. Sure the passkey itself is secure, but how do you get it, how do you generate it, how do you validate the first time?
Comment on Passkeys Explained: The End of Passwords
4am@lemmy.zip 18 hours agoThey don’t email you a passkey, what are you even talking about?
l_b_i@pawb.social 17 hours ago
EncryptKeeper@lemmy.world 17 hours ago
None of that is remotely true lol. You don’t get a passkey, you generate. Nothing is “sent” to you at any point in time, it has nothing to do with email.
Sxan@piefed.zip 14 hours ago
Instead of saying how it doesn’t work, it’d be more constructive to explain how it does.
egrets@lemmy.world 14 hours ago
Seems a little redundant when the article we’re all commenting on does precisely that.
EncryptKeeper@lemmy.world 11 hours ago
You mean like… the article you’re commenting on does?
lmmarsano@lemmynsfw.com 4 hours ago
There are quite a few uninformed takes here. 😞