Comment on Google will now make passkeys the default for personal accounts

<- View Parent
hedgehog@ttrpg.network ⁨1⁩ ⁨year⁩ ago

Having a seamless way to migrate away is itself a security risk, since that method could be used by attackers to compromise the key store. The migration path for any of the major players (Apple, Google, Microsoft, Yubikey) involves logging into each site you used a passkey with, adding a new one from your new passkey store, then revoking the old passkey.

Password managers that store Passkeys may handle this differently, though, and are your best bet if you want migration flexibility.

source
Sort:hotnewtop