A new login technique is becoming available in 2023: the passkey. The passkey promises to solve phishing and prevent password reuse. But lots of smart and security-oriented folks are confused about what exactly a passkey is. There’s a good reason for that. A passkey is in some sense one of two (or three) different things, depending on how it’s stored.
    • Snot Flickerman@lemmy.blahaj.zoneEnglish
      0·
      2 years ago

      Except passkeys are an Open Authentication standard from the FIDO alliance. Soooooo, not from a corporation.

      https://fidoalliance.org/passkeys/

      You can use passkeys in KeePassXC, if I understand correctly.

      They are the equivalent of using a hardware key like YubiKey or SoloKey, except the passkey is stored on your phone/PC instead of a USB thumbstick.

        • Snot Flickerman@lemmy.blahaj.zoneEnglish
          1·
          2 years ago

          Except Google was only mentioned in terms of whether or not they support it.

          You’re commenting on an article from the Electronic Frontier Foundation, an organization dedicated to fighting for internet and digital freedoms, about an open standard that has only just begun being implemented widely.

          Look, I hate corpos as much as anyone, but please let’s please tone down the alarmism.