• ikidd@lemmy.world
    link
    fedilink
    English
    arrow-up
    12
    ·
    3 months ago

    I was reading a story about one of the inventors/designers of passkeys, and he felt the implementation was a fucking shitshow. Wish I could find that article again.

    • Unmapped@lemmy.ml
      link
      fedilink
      English
      arrow-up
      15
      arrow-down
      2
      ·
      3 months ago

      Why? Passkeys are great. Though X can probably screw them up somehow.

      • ISOmorph
        link
        fedilink
        English
        arrow-up
        7
        arrow-down
        1
        ·
        3 months ago

        Passkeys are a great option for people that don’t wanna deal with managing their passwords and have some else do it for them. That’s not everyone though, some prefer staying in control, so it should always stay optional.

        • progandy
          link
          fedilink
          English
          arrow-up
          4
          ·
          edit-2
          3 months ago

          Passkeys do one thing right. They are based on asymmetric keys as a proof of knowledge instead of transmitting the password.

        • Prison Mike@links.hackliberty.org
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          1
          ·
          3 months ago

          I’ve been using a password manager for ages, and passkeys for a long time now.

          What about passkeys is a loss of control? I’m 100000000% more likely to use them when supported, usernames/passwords are so janky, as are SMS/email-based 2FA (and the stupid “magic passcode” that makes you check your phone/email every time you sign in); for average users it greatly reduces the risk of phishing, etc.

          If I want to delete one I can do just that.

          Websites that require username/password + passkeys are annoying as hell though.

      • RangerJosie@sffa.community
        link
        fedilink
        English
        arrow-up
        2
        ·
        3 months ago

        I only keep it installed for service outages and breaking news. I don’t need an extra layer of bullshit to wade thru to see if Xbox servers are down.