Comment on [deleted]
EncryptKeeper@lemmy.world 2 months agoNo. When you log into a website your password is sent to the server. A passkey is not.
Comment on [deleted]
EncryptKeeper@lemmy.world 2 months agoNo. When you log into a website your password is sent to the server. A passkey is not.
MentalEdge@sopuli.xyz 2 months ago
That depends entirely on the service.
Nothing prevents the password from being hashed client-side, only ever sending the hash to the service.
EncryptKeeper@lemmy.world 2 months ago
True, but with passkeys they’re never sent, by design.
pipe01@programming.dev 2 months ago
Then that hash is effectively your password