Comment on Passkeys might really kill passwords

<- View Parent
Spotlight7573@lemmy.world ⁨9⁩ ⁨months⁩ ago

Passkeys are protected by either your device’s password/passcode (something you know) or your device’s biometrics (something you are). That provides two factors when combined with the passkey itself (something you have).

The benefit of the password is only available if you know your password for your accounts or if you have a password manager. People can only remember a limited number of passwords without resorting to systems or patterns. Additionally, with many accounts now knowing the password is not enough to log in, you must either be logging in from an existing device or perform some kind of 2FA (TOTP, SMS, hardware security key, etc). So you already need to have a backup device to log in anyways. Same with a password manager: if you can have a copy of your vault with your password on another device then you can have a copy of your vault with your passkey on another device. Nothing gets rid of the requirement to have a backup device or copy of your passwords/passkeys if you want to avoid being locked out.

source
Sort:hotnewtop