this post was submitted on 15 Oct 2024
177 points (91.9% liked)

Technology

58698 readers
5764 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
enu@lemm.ee
fry@fry.gs
L3s@fry.gs
enu@lemmy.world
L4s@fry.gs
L4s@lemmy.world
177
The War on Passwords Is One Step Closer to Being Over (www.wired.com)
submitted 1 day ago by GreenEngineering3475@lemmy.world to c/technology@lemmy.world
123 comments fedilink hide all child comments
 

“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.

you are viewing a single comment's thread
view the rest of the comments
[–] Dasnap@lemmy.world 26 points 1 day ago (4 children)

I always feel like an old granny when I read about passkeys because I've never used one, and I'm worried I'll just lock myself out of an account. I know I probably wouldn't, but new things are scary.

Are they normally used as a login option or do they completely replace MFA codes? I know how those work; I'm covered with that.

[–] PresidentCamacho@lemm.ee 1 points 9 hours ago

Hey good for you, unlike everyone else in this thread making up reasons why the tech is bad, you are mature enough to recognize the fear is from ignorance. I am in the same boat. I'm currently using a manager with MFA on everything which works well for me. Might look into this tech once it's baked longer. I don't like the idea of early adoption to a tech when it's security related.

[–] helenslunch@feddit.nl 8 points 1 day ago

It's not unreasonable at all. I locked myself out of several accounts after everyone recommended keypass for TOTP and then I lost all the keys. Getting those accounts back was a fucking nightmare.

[–] narc0tic_bird@lemm.ee 10 points 1 day ago (1 children)

Usually just an option in addition to a password + MFA. Or they just replace the MFA option and still require a password. I even saw some variants where it replaced the password but still required a MFA code. It's all over the place. Some providers artificially limit passkeys to certain (usually mobile) platforms.

[–] semperverus@lemmy.world 1 points 1 day ago

All of those options are to NIST-spec. MFA means multi-factor. It doesnt matter what they are as long as they are in different categories (something you know, something you have, something you are, etc: password, passkey, auth token, auth app, physical location, the network you are connected to). Two or more of these and you are set (though, location might be a weak factor).

[–] Sl00k@programming.dev 2 points 1 day ago

I have passkeys setup for almost everything and on most sites I just enter my username then I get a request on my phone to sign in. Scan my thumbprint and it's good to go. It's actually so much simpler than passwords / MFA, but admittedly I haven't had to migrate devices or platforms.

I have everything setup through protonpass right now