this post was submitted on 16 Oct 2024
258 points (86.4% liked)

Technology

58727 readers
6058 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
enu@lemm.ee
fry@fry.gs
L3s@fry.gs
enu@lemmy.world
L4s@fry.gs
L4s@lemmy.world
258
Passwords have problems, but passkeys have more (world.hey.com)
submitted 1 day ago by exu@feditown.com to c/technology@lemmy.world
181 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[โ€“] ByteOnBikes@slrpnk.net 5 points 9 hours ago (1 children)

That was my take too.

Security training was something you know, and something you have.

You know your password, and you have a device that can receive another way to authorize. So you can lose one and not be compromised.

Passkeys just skip that "something you have". So you lose your password manager, and they have both?

[โ€“] Spotlight7573@lemmy.world 4 points 6 hours ago

I think you mean that passkeys potentially skip the something you know. The something you have is the private key for the passkey (however it's stored, in hardware or in software, etc). Unlocking access to that private key is done on the local device such as through a PIN/password or biometrics and gives you the second factor of something you know or something you are. If you have your password manager vault set to automatically unlock on your device for example, then that skips the something you know part.