Discussion
Jonathan Kamens 86 47
@jik@federate.social  ·  activity timestamp 2 months ago

Seriously, the issue in this thread is why I think #passkeys are a ticking time bomb. Most people don't understand how they work, or that they're linked to a single device, or that they need to maintain a backup login method. Websites that support passkeys don't do enough to communicate and enforce good habits. If we continue down the passkey path, people losing access is going to be a much bigger problem in the future, and we're not ready for it. #infosec

Jonathan Kamens 86 47
@jik@federate.social replied  ·  activity timestamp 2 months ago

I see from the replies that I need to expand on what I mean here because people are asking the same questions / raising the same objections over and over. One 500-character post is not really enough to get into all the intricacies, so it's going to take a few posts for me to explain what I was getting at.
I am not saying passkeys are less secure than passwords. They are much more secure in the normal workflow. A vast improvement. I share the hope that they will eventually replace passwords.
…

Jonathan Kamens 86 47
@jik@federate.social replied  ·  activity timestamp 2 months ago

I suppose it's a bit ironic that I'm posting this thread in the fediverse, where the percentage of people who don't grok computers is far, far lower than IRL.
