“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.

“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.

  • NateNate60@lemmy.worldEnglish
    10·
    11 hours ago

    I still have no idea how to use passkeys. It doesn’t seem obvious to the average user.

    I tried adding a passkey to an account, and all it does is cause a Firefox notification that says “touch your security key to continue with [website URL]”. It is not clear what to do next.

    • JackbyDev@programming.devEnglish
      1·
      4 hours ago

      After my password manager auto filled a password and logged me in the website said “Tired of remembering passwords? Want to add a passkey?” I didn’t know what it meant so I said no lol.

    • Echo Dot@feddit.ukEnglish
      21·
      9 hours ago

      I think you actually have to buy a passkey device. Then configure it to work with a particular account.

      You plug the passkey into your computer and then whenever it asks for a password you literally touch it and it does its thing. I think there are options like biometrics that you can add on top but you don’t have to have that.

          • EngineerGaming@feddit.nlEnglish
            1·
            1 hour ago

            What are you talking about? KeepassXC, to my knowledge, is not dependent on any TPM, snd it does support passkeys.

            • xor@lemmy.blahaj.zoneEnglish
              11·
              15 minutes ago

              devices themselves can act as passkeys

              I didn’t say a device needs a TPM to support passkeys - I said I believe it it needs one to be a passkey

              Thank you for your passive aggressive response caused by poor reading comprehension, though

              • EngineerGaming@feddit.nlEnglish
                1·
                4 minutes ago

                From what I understand, “passkey” refers to software, so no such thing as “device being a passkey”. Unlike a hardware key.

      • NateNate60@lemmy.worldEnglish
        4·
        9 hours ago

        If that’s what’s needed, I can say with some certainty that adoption isn’t going to be picking up any time this decade.

        • Echo Dot@feddit.ukEnglish
          1·
          6 hours ago

          They’ve been around forever as a concept I think I even have one for accessing some servers at work. You’re right no one uses them.