Google will now make passkeys the default for personal accounts - eviltoast

Passkey is some sort of specific unique key to a device allowing to use a pin on a device instead of the password. But which won’t work on another device.

Now I don’t know if that key can be stolen or not, or if it’s really more secure or not, as people have really unsecure pins.

  • atzanteol@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    They’re just private keys. By nature you can copy them wherever you want. I guess I don’t know why he’s making that distinction at all.

    • Natanael@slrpnk.net
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      The original spec is resident keys including TPM protected or hardware token protected keys designed to be impossible to copy. That’s why there’s a distinction.