this post was submitted on 11 Oct 2023
28 points (96.7% liked)

Android

711 readers
1 users here now

Android news for android developers. Everything that happens in android world.

For Android development specific topics please see /c/android_dev

The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License

founded 1 year ago
MODERATORS
 
  • Google starts showing prompts to create and use passkeys to streamline the way you sign in to your personal account.
  • You'll also see a new option to "skip password when possible" in your account settings page.
  • Users will still be able to sign in with a password and can opt out of passkeys for the time being.
all 10 comments
sorted by: hot top controversial new old
[–] [email protected] 7 points 1 year ago (1 children)

I'll stick with my YubiKey for now. Unless there's something revolutionary with Passkeys

[–] [email protected] 6 points 1 year ago (2 children)

I don't understand it. How do you log in from another computer? How do you log out on a shared computer?

[–] [email protected] 6 points 1 year ago* (last edited 1 year ago) (1 children)

You'd use your phone to sign in, since possession of your pass key device is the proof instead of a password.

To log out just click on the log out link or whatever the site has?

https://support.google.com/accounts/answer/13548313?hl=en

The situation seems a bit messed up if you forget your phone or can't access it though.

[–] [email protected] 3 points 1 year ago

That’s why you can use a password manager to store your passkeys, such as 1Password, and configure it on your phone to be your default passkey provider !

[–] [email protected] 2 points 1 year ago
[–] [email protected] 4 points 1 year ago (1 children)

the article fails to properly explain what it even is.

great sign.

[–] [email protected] 1 points 1 year ago (1 children)

I've read quite a few articles about this stuff and I still have no idea how it works. That's probably just me.

[–] [email protected] 2 points 1 year ago

I'm a programmer, and I agree with you that the article can be a bit confusing. To put it simply, Google's passkey feature is a type of two-factor authentication (2FA) that eliminates the need for a traditional password. Instead, you get a short code generated randomly.

Here's how it works: When you choose passkey as your authentication method on a website, a randomly generated password is stored in the website's database. This password is also registered with Google's passkey service and is used as an ID token. When you want to log in, you need to use your phone or another device that supports passkey authentication to confirm your identity, sort of like a 'handshake.'

This method enhances security while simplifying the login process. In theory.