Passkeys might really kill passwords - eviltoast

Passkeys: how do they work? No, like, seriously. It’s clear that the industry is increasingly betting on passkeys as a replacement for passwords, a way to use the internet that is both more secure and more user-friendly. But for all that upside, it’s not always clear how we, the normal human users, are supposed to use passkeys. You’re telling me it’s just a thing… that lives on my phone? What if I lose my phone? What if you steal my phone?

    • Heavybell@lemmy.world
      link
      fedilink
      English
      arrow-up
      12
      arrow-down
      1
      ·
      9 months ago

      I already use KeePass, but as far as I know it doesn’t do passkeys, only passwords?

        • Heavybell@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          9 months ago

          I have been super hesitant to look into KeePassXC, should I give it a chance?

          Of course, unless I can also access these features on my phone it doesn’t really matter…

          • Spotlight7573@lemmy.world
            link
            fedilink
            English
            arrow-up
            4
            ·
            9 months ago

            Yeah, unfortunately passkey support on mobile outside of what the OS/browsers provide is kind of not there at the moment but it’s being worked on. Android 14 apparently has some kind of framework for integrating in third-party passkey providers. At this point, you should view passkeys as an additional, more convenient and secure way to log in on the platforms it’s supported on, not necessarily the only way to log into an account.

          • Flumpkin@slrpnk.net
            link
            fedilink
            English
            arrow-up
            2
            ·
            9 months ago

            I recently switched to KeePassXC and it looks nicer and is easier to use. The also include some addon functionality into the app so you don’t need to trust that. The only downside is that it doesn’t automatically fills the browser text fields, you have to click on a green icon in the text field - but that is more secure. They also have an android app.

      • ikidd@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        arrow-down
        3
        ·
        9 months ago

        Bitwarden does passkeys supposedly. Haven’t tried it myself yet because I don’t know what to make of passkeys.

        • Spotlight7573@lemmy.world
          link
          fedilink
          English
          arrow-up
          9
          ·
          9 months ago

          Currently Bitwarden’s passkey support is limited to the browser extensions not the apps but from my experience it works relatively well. When logging into a site you just select the passkey from the extension popup and it logs you in.

          Example passkey registration:

          • Click create a passkey button in the accounts settings page
          • Bitwarden extension pops up with a list of matching accounts
          • Select the account in your password manager that you want to associate the passkey with
          • Click Save passkey button
          • The account now has a new passkey associated with it that’s stored in your Bitwarden vault

          Example login:

          • Click sign in with passkey button on the login page
          • Bitwarden extension pops up with a list of matching accounts from your vault
          • Select the account you want to sign in with
          • Click Confirm button
          • You’re signed in