Comment on [deleted]
EncryptKeeper@lemmy.world 20 hours agoNo. When you log into a website your password is sent to the server. A passkey is not.
Comment on [deleted]
EncryptKeeper@lemmy.world 20 hours agoNo. When you log into a website your password is sent to the server. A passkey is not.
MentalEdge@sopuli.xyz 20 hours ago
That depends entirely on the service.
Nothing prevents the password from being hashed client-side, only ever sending the hash to the service.
EncryptKeeper@lemmy.world 20 hours ago
True, but with passkeys they’re never sent, by design.
pipe01@programming.dev 14 hours ago
Then that hash is effectively your password