Looks like a huge amount of security vendors are working to have a secure and open standard for passkey portability between platforms.

It is always good to see major collaboration in the security space like this considering the harsh opinions that users of some of these vendors have toward many of the others. I just wish apps and sites would stop making me login with username and password if passkeys are meant to replace that lol.

  • zerozaku@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 month ago

    Why is the buzz around passkeys is back? I am seeing them way more often than they used to be. I think I have created passkeys for 2 apps and don’t even know how that worked, it such a breeze that almost felt it wasn’t secure lol.

    In what ways the passkeys are different than authenticator apps?

      • ShortN0te@lemmy.ml
        link
        fedilink
        arrow-up
        7
        ·
        1 month ago

        With the ability to transfer passkeys, the attack vector phishing does not sound that far fetched. Tho i have not looked into the transfer process.

        We will see i guess.

          • ShortN0te@lemmy.ml
            link
            fedilink
            arrow-up
            2
            arrow-down
            1
            ·
            1 month ago

            Why do you think SSH-Keys are safe against phishing? I mean it is unlikely, that someone will just send the key per mail or upload it somewhere since most ppl using SSH-Keys are more knowledgeable.

            When you now get an easy one click solution to transfer Passkeys from one Cloud provider to another it will get easier to trick a user to do that. Scenario: You get a mail from Microsoft that there is a thread and that you need to transfer your keys to their cloud.