• Katana314@lemmy.world
    4 months ago

    There’s been a lot of pain in the attempt to portray it as “Just click the passkey button, and that’s it! Your login is secured for life!”

    No - Buddy. It is secured for this one specific device that I have biometric authentication for. What about my computer? What about my other computer that isn’t on the same operating system? I have a password manager that stores these things, why didn’t you save to that when I registered? Why is it trying to take this shit from my Apple Keychain when it’s in Bitwarden?

    And, the next ultra-big step: How would a non-techie figure this shit out?

    • BorgDrone@lemmy.one
      4 months ago

      > No - Buddy. It is secured for this one specific device that I have biometric authentication for. What about my computer? What about my other computer that isn’t on the same operating system?

      Then use a Yubikey.

      • MDCCCLV@lemmy.ca
        4 months ago

        I tried a YubiKey, but most websites want you to use the PIN for that, which requires Windows Hello, and if you reset Windows you lose that.

      • HelixDab2@lemm.ee
        4 months ago

        OnlyKey seems to be a better choice than Yubikey, from what I can see. The only reason I haven’t switched is that I have a few accounts that I share with my partner, and I want to be sure that I can have two different keys work for the same account.

    • I Cast Fist@programming.dev
      4 months ago

      > And, the next ultra-big step: How would a non-techie figure this shit out?

      They wouldn’t, because the people calling the shots in the tech world create UX with a focus on it sucking for everyone.

    • candybrie@lemmy.world
      4 months ago

      > And, the next ultra-big step: How would a non-techie figure this shit out?

      They don’t have a computer, another computer with a different OS, or Bitwarden.

    • meliaesc@lemmy.world
      4 months ago

      I have my passkeys saved in 1Password (with a YubiKey as backup for important things).

    • jj4211@lemmy.world
      4 months ago

      This was roughly the state of affairs before, but the state of things has relented where software password managers are now allowed to serve the purpose.

      So if a hardened security guy wants to only use his dedicated hardware token with registering backups, that’s possible.

      If a layman wants to use Google password manager to just take care of it, that’s fine too.

      Also much in between, using a phone instead of a yubikey like, using an offline password manager, etc.