A new login technique is becoming available in 2023: the passkey. The passkey promises to solve phishing and prevent password reuse. But lots of smart and security-oriented folks are confused about what exactly a passkey is. There’s a good reason for that. A passkey is in some sense one of two (or three) different things, depending on how it’s stored.
    • Snot Flickerman@lemmy.blahaj.zoneEnglish
      48·
      8 months ago

      Except passkeys are an Open Authentication standard from the FIDO alliance. Soooooo, not from a corporation.

      https://fidoalliance.org/passkeys/

      You can use passkeys in KeePassXC, if I understand correctly.

      They are the equivalent of using a hardware key like YubiKey or SoloKey, except the passkey is stored on your phone/PC instead of a USB thumbstick.

      • umbrella@lemmy.ml
        446·
        8 months ago

        still no reason to trust google with this.

        they have hijacked and dominated open source software quite a bit in the past.

        • Snot Flickerman@lemmy.blahaj.zoneEnglish
          61·
          8 months ago

          Except Google was only mentioned in terms of whether or not they support it.

          You’re commenting on an article from the Electronic Frontier Foundation, an organization dedicated to fighting for internet and digital freedoms, about an open standard that has only just begun being implemented widely.

          Look, I hate corpos as much as anyone, but please let’s please tone down the alarmism.

          • catboss@feddit.de
            12·
            8 months ago

            I’d like to thank you for providing context to reactivism based solely on an emotional reaction without doing any research first.

            I am guilty of that as well, but you put effort in, explained things and that takes time. Thanks.