this post was submitted on 11 Mar 2024
199 points (100.0% liked)

technology

23303 readers
404 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

founded 4 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] blobjim@hexbear.net 7 points 8 months ago (1 children)
[–] someone@hexbear.net 10 points 8 months ago (1 children)

Because it's just a glorified password manager. But instead of your master password being kept securely in your head, your master password is now in the hands of Google or Apple or Microsoft.

[–] blobjim@hexbear.net 10 points 8 months ago* (last edited 8 months ago) (1 children)

KeePassXC just today released support for storing passkeys in your own keepass database file. And they're not just "glorified passwords". They're private keys that use challenge-response authentication so they're never actually sent over the network. Harder to compromise.

Using passkeys with some kind of personal database is ultimately an objective improvement over hodge podge username and password mechanisms, so they're only going to continue being adopted further.

The only case they don't really work for is when you want to log in to a computer that doesn't have access to your passkeys.