Comment

Comment on Passkeys Explained: The End of Passwords

Zak@piefed.world ⁨17⁩ ⁨hours⁩ ago

I've been resisting using them and decided to set one on my rarely-used and unimportant Piefed account to try it out.

Saved to Bitwarden fine on my desktop browser. When I try to log in with a browser on my phone, it asks for my username and does nothing more after that dialog closes. While I'm not sure if this is a problem with Piefed, Bitwarden, or Firefox, I'm now disinclined to try it with anything important, especially if that thing might then discourage me from logging in with a password.

I recognize the theoretical advantages, but passkeys don't do much to solve problems I actually have. All my passwords look like @A#vVukh9c$3Kw4Cs8NP9xgazEuJ3JWE and are unique. Bitwarden won't autofill the wrong domain. I don't enter credentials in links from emails I didn't trigger myself immediately before. I haven't checked whether I can reliably backup and restore them in my Bitwarden vault.

source

Sort:hotnew top

lmmarsano@lemmynsfw.com ⁨5⁩ ⁨hours⁩ ago

All my passwords look like @A#vVukh9c$3Kw4Cs8NP9xgazEuJ3JWE and are unique.

You’re still transmitting the actual secret to the destination, so interception is a risk. Passkeys use asymmetric cryptography: no secret is ever transmitted, only time-sensitive challenges that prove possession of the private key. Servers only store public keys, which aren’t secret by design.

Passkeys have multifactor authentication built-in whereas passwords do not.

I find passkeys more convenient than passwords. My password manager has my passkeys. At login, my password manager raises a passkey prompt that I simply confirm.

source
cmhe@lemmy.world ⁨14⁩ ⁨hours⁩ ago
I self host vaultwarden, and use bitwarden clients everywhere. Passkeys are stored there

Passkeys to me, are a better way to insert login information. Some developers don’t think of passwords getting automatically filled in, so this autofill sometimes breaks. Passkeys might be a improved interface to integrate password managers. Also, sometimes 2FA keys from my bitwarden client gets copied into the clipboard, which sometimes overwrites the stuff I wanted to preserve in there. This does not happen with passkeys.

source