Passkey is some sort of specific unique key to a device allowing to use a pin on a device instead of the password. But which won’t work on another device.
Now I don’t know if that key can be stolen or not, or if it’s really more secure or not, as people have really unsecure pins.
deleted by creator
Most hardware today has what’s called a TPM. It’s a physical hardware chip that can store certificates in a way that can’t be extracted.
It’s way more secure than someone stealing a cer file.
deleted by creator
It doesn’t feel better? Good thing security doesn’t care about feelings. The fact is it is more secure no matter what it feels like. Privacy is maintained since you use a new key with each site. There is no IMEI or anything like that in the passkey spec. Social engineering ranges from more difficult to impossible depending on if you use a synced, local software based, or hardware based passkey system.
You have a lot of incorrect assumptions. Read https://support.apple.com/en-us/102195 and https://fidoalliance.org/passkeys/#faq.
deleted by creator
Use a pair of hardware tokens and a long pin if you want maximum security. If you want to use a sync-able software token do that and set a strong pin.
You like long passwords? Go ahead and put one on your passkeys. You don’t have to use a short pin.
It is two factor. Something you have, key in TPM or hardware token, and something you know: the PIN. Or if you choose to enable biometric it shifts to two things you have the: key and your face/fingerprint.
Remember you only have limited attempts to guess the PIN and biometric auth is subject to configurable timeout conditions before the PIN is required.
Any security conscious person will use a strong PIN. Many will choose to use biometrics as well for convenience. Most people are still setting their password to Sm3llyK@t42 on every website. A protected key and a 4-digit pin/finger print is a huge leap in security.
deleted by creator
I feel like it’s 2001 and I’m trying to convince my users to switch from passwords to RSA keys for SSH. Yes there are potential weaknesses. Yes it’s still much better.
Even if all we’ve done is reduced potential attackers from everyone with an Internet connection to people with physical access to the device we’ve still massively increased the average user’s security. And we’ve done more than that.
Also unless you can clone the device somehow hitting max guesses and losing access just like an ATM is part of the design.
I lost track of your suggestion over the weekend but what was your suggestion for second factor other than a pin or password?
deleted by creator
Thanks for the civil discussion. While my views haven’t changed I have learned a lot about possible objections from informed people.
Let’s hope this new auth standard is implemented responsibly by all the major parties and that weak passwords and phishing become relics of the past.
deleted by creator