Comment on GitHub launches passkey support into general availability
Asudox@lemmy.world 1 year ago
Cool and all but I won’t use them if I can’t store them offline locally on my device. I am not going to use Google’s passkey storage system.
I haven’t used passkeys yet, but I would hope that you can have multiple keys per site, not just one. So, after going through some initial pain of setting up each individual device, it should be nice having local-only keys for each of them, which you could revoke at any time.
Password managers are also adding support for passkeys, so you should be able to sync them if you so wish.
I would use a U2F physical key to secure the password manager as securing the passkeys with a password sounds dumb. Passkeys are here to replace passwords as a more secure alternative. What’s the logic behind securing them behind the thing it is supposed to replace?
Raisin8659@monyet.cc 1 year ago
There are two types of passkey. Syncable and device-bound. (see fidoalliance.org/passkeys/). Theoretically, the device-bound passkeys never leave the device and users don’t have any access to it except to use it for authentication. The syncable type will first and foremost be synced by the platforms themselves (Google, Microsoft, and Apple), but eventually the 3rd-party password managers will be allowed to be sync providers, but possibly only on newly-released OSes.
As far as I know, the passkey implementations currently on Android and Windows are device-bound; they are not synced to the cloud.
Asudox@lemmy.world 1 year ago
Windows currently doesn’t sync, but GMS Android does.