Technology

58303 readers

27 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

[email protected]

293

Google will now make passkeys the default for personal accounts (arstechnica.com)

submitted 1 year ago by [email protected] to c/[email protected]

177 comments fedilink hide all child comments

Passkey is some sort of specific unique key to a device allowing to use a pin on a device instead of the password. But which won't work on another device.

Now I don't know if that key can be stolen or not, or if it's really more secure or not, as people have really unsecure pins.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 12 points 1 year ago (1 children)

As you point out, the single point of failure is access to the passkey repository. Of course, this will usually be 2FA, so much more secure than simple passwords which people usually employ.

One major issue, IMHO, is vendor lock-in. I’ve no doubt Apple is going to make migration away from iCloud a huge pain in the ass. It’s just another way they’re going to make it difficult to leave their ecosystem.

I’m also worried about backups. People lose access to their Google and Apple accounts routinely for any and no reason at all. Will these keys be stored in the cloud? If so, access to EVERYTHING is just a capricious random algorithm away from being lost.

I wouldn’t touch any passkey system which doesn’t provide a seamless way to migrate away especially if I’ve lost access to my Apple/Google account.

[+] [email protected] 2 points 1 year ago* (last edited 6 months ago) (2 children)

[removed by mod]

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

I'm really over people calling backups a security risk.

There's a reason bitwarden, 1password, last pass, etc etc. allow you to export your passwords. They also all allow you to do so in an encrypted file.

[–] [email protected] 0 points 1 year ago

The method you describe is untenable for 99.9% of the population. If that is truly the only way to migrate, then this move to passkeys is a catastrophe for security. In the coming years, millions of people are going to be permanently locked out of important accounts. Accounts will be written about the clearly flawed implementation of passkeys by Apple and Google, and a whole generation of people are going to shun passkeys forever. Myself included. This is a nightmare for vendor lock-in. I can see why Apple and Google are so ready to implement this.