Passkeys are a great idea, but everyone involved seems like they want the process to be as much of a pain in the dick as possible. So until the industry pulls it's collective head out of its collective ass (not going to hold my breath on that one), it'll be passwords+2FA for me.

The amount of people in this thread that don't understand passkeys surprises me. This is Lemmy. Aren't we the technical Linux nerds of the Internet?

There's been a lot of pain in the attempt to portray it as "Just click the passkey button, and that's it! Your login is secured for life!"

No - Buddy. It is secured for this one specific device that I have biometric authentication for. What about my computer? What about my other computer that isn't on the same operating system? I have a password manager that stores these things, why didn't you save to that when I registered? Why is it trying to take this shit from my Apple Keychain when it's in Bitwarden?

And, the next ultra-big step: How would a non-techie figure this shit out?

Passkeys are light years ahead of 2fA in user experience. Why do you dislike them?

Security based on devices is one of the positive innovations of smartphones and perhaps the only area where they've improved over the desktop experience.

Passkeys are one exception to the familiar pattern of "we give you more SeCuRiTY so we can spy on you more and control your behaviour better". They actually are more secure. Problem is, a lot of technical issues with it still, a ton of stuff not working correctly yet

You can store passkeys in your password manager lol

On the contrary i want more services using passkeys instead of 2fa methods that are less secure (sms).

ITT: people who think only SMS, email and TOTP exist as 2FA.

And people who think only your phone can be used as passkey.

I use passkeys through 1Password and it’s vastly less irritating to me than anything involving passwords, especially 2fa. I really don’t like having to wait for email to arrive or copying down digits from a text message, which seems to be how 2fa typically works 90% of the time.

Unless I've missed something big, passkeys are pretty easy for me if the website supports them imo.

Using KeePassXC, I click register on the website, register the passkey with KeePass, then it just works when I need to authenticate or login. My database is then synced across all my devices.

Passkey support is yet to come to KeePassDX on Android though, so I'll be awaiting that feature

It's not for your security, it's for the company's. People suuuuuuuuck when it comes to credentials.

Remember when tap-to-pay was new and didn't work at a lot of places and some people were freaked out over it?

And now most of us use it without a 2nd thought.

I speculate passkeys will be like that.

I thought passkeys were supposed to be more secure?

Passkey is "something you own" right?

I have something I own, it's a Yubikey

sure, you can use a passkey as a primary authentication, but only "a device" or "system"(keypass/1pass etc) knows the passkey detail. with only passkey, if my passkey provider/ device is compromised then everything is lost. having single factor auth seems like a bad idea.

a password is something that I can know, so is still useful as a protection mechanism. having two factor auth should include password and passkey, which seems entirely reasonable whilst also providing an easier path forward for people used to TOTP.

My primary and backup yubikeys: "Am I a joke to you?"

Has this energy...

I'll use banks as an example

If they cared about your security there would not be a mobile app or website.

Hell, credit cards would still require a signature.

It's about cost first and foremost and then convenience.

Has nothing about you as a consumer. They don't give 2 shits about you as a consumer.

Uhhh... Can someone ELI18 to me the problem with passkeys? I use them wherever available and find them very convenient.

I have no idea what a passkey is and I will probably only learn what it is when they become mandatory

I will just use passwords + 2FA for the moment

Y’all are my people.