A new login technique is becoming available in 2023: the passkey. The passkey promises to solve phishing and prevent password reuse. But lots of smart and security-oriented folks are confused about what exactly a passkey is. There’s a good reason for that. A passkey is in some sense one of two (or three) different things, depending on how it’s stored.
something from a corporation that cannot be trusted?
Except passkeys are an Open Authentication standard from the FIDO alliance. Soooooo, not from a corporation.
https://fidoalliance.org/passkeys/
You can use passkeys in KeePassXC, if I understand correctly.
They are the equivalent of using a hardware key like YubiKey or SoloKey, except the passkey is stored on your phone/PC instead of a USB thumbstick.
still no reason to trust google with this.
they have hijacked and dominated open source software quite a bit in the past.
Except Google was only mentioned in terms of whether or not they support it.
You’re commenting on an article from the Electronic Frontier Foundation, an organization dedicated to fighting for internet and digital freedoms, about an open standard that has only just begun being implemented widely.
Look, I hate corpos as much as anyone, but please let’s please tone down the alarmism.
[This comment has been deleted by an automated system]