#Tag · bonfire.cafe

So I think I'll need to read up on it a bit. I understand that "Passkeys" try to do something similar as SSH pubkeys.
But do you know a good technical explainer of what's going on and how it works?

(Yes, I could search myself but I am looking for recommendations of articles you have read that you found helpful and clear.)

EDIT: https://passkeys.io did make some things clearer.

Karl Voit :emacs: :orgmode:

@publicvoit@graz.social replied · 2 weeks ago

@tante Ich habe auf https://karl-voit.at/FIDO2-vs-Passkeys/ zu #Passkeys und #FIDO2 gebloggt und u.a. auch erklärt, weshalb Passkeys in immer mehr Situationen leider nicht mehr gänzlich gegen #Phishing schützen, FIDO2 meiner Meinung nach aber sehr wohl.

D.h. die Hardware-Tokens liefern aktuell den einzig wasserdichten Schutz gegen Phishing. Trotzdem haben Passkeys viele Vorteile gegenüber den üblichen Methoden wie #TOTP, #TAN via #SMS oder #Email, ...

#publicvoit

Authentifizierung mit FIDO2 und Passkeys

Nick

@Nickiquote@mstdn.social · 3 weeks ago

For those who have recently joined from BlueSky: on Friday evenings UK Fedi gets together and watches an evening of old episodes of a BBC music show and livetoots about how they wish they weren’t. #totp

James Smith 💾

@Floppy@mastodon.me.uk · 3 weeks ago

@losttourist by this point, the hat had embarked on its own solo career due to artistic differences. However, its debut single never even broke the top 40, and it tragically ended up living on the streets. #TOTP

Daniel Appelquist boosted

Terence Eden

@Edent@mastodon.social · 2 months ago

🆕 blog! “Some minor bugs in Proton's new Authenticator app”

I maintain a a test-suite for TOTP codes. It contains a bunch of codes which adhere to the specification, some of which stretch it to breaking point, and some that are completely invalid. These codes are a good starting point for checking whether a 2FA / MFA app works correctly.

Proton …