Passkeys might really kill passwords - eviltoast

Passkeys: how do they work? No, like, seriously. It’s clear that the industry is increasingly betting on passkeys as a replacement for passwords, a way to use the internet that is both more secure and more user-friendly. But for all that upside, it’s not always clear how we, the normal human users, are supposed to use passkeys. You’re telling me it’s just a thing… that lives on my phone? What if I lose my phone? What if you steal my phone?

  • unconfirmedsourcesDOTgov@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    4
    ·
    9 months ago

    So if you lose access to all of your devices, you’re completely locked out of everything until you’re able to get a new working phone activated on a trusted phone number? The trade-off of inconvenience for security here just doesn’t seem worth it to me.

    • monko@lemmy.zip
      link
      fedilink
      English
      arrow-up
      2
      ·
      9 months ago

      Depends on the provider in question. While Apple does allow SMS recovery, they also let you designate a trusted contact who can let you in as an alternative. This is obviously more convenient (if you have a friend or family member who can be available when you need them), but the situation with SMS vulnerabilities is still my main gripe.