• Encrypt-Keeper
    link
    English
    2
    edit-2
    1 month ago

    I don’t think that, you said that. It’s the very first sentence of your comment. You literally said that you misunderstood them to be hardware keys.

    And yes, everything else you said is demonstrably false as well. The FIDO alliance and even specifically the companies within it that are pushing Passkeys the most, are advocating for them to be cross platform without any lock in. 1Password is one of the companies pushing for passkeys, they’re even behind the https://passkeys.directory and allow you to securely import and export passkeys so you aren’t locked in. They also made recent changes to the spec itself to make moving and owning passkeys easier. And that’s not even to mention the fact that Passkeys are just key pair, which don’t require any platform or technology to implement that isn’t built into your device.

      • Encrypt-Keeper
        link
        English
        31 month ago

        Yes, the author is also suffering from the same misconceptions and doesn’t really understand passkeys beyond the surface level, so he doesn’t know that the problems he has with them don’t exist.

        He then goes on to reason that because passkeys might result in an awkward experience in exactly one extremely niche scenario, that you’re better off using passwords in a password manager that are less secure. He then proceeds to suggest the use of email as a second factor as an alternative, which destroys every shred of credibility he had. He also completely misses the fact that putting your passkeys in that very same password manager he himself is suggesting, solves the complaints that form over half of his entire argument. It’s super ironic too because the specific password manager that he’s recommending in his own article is a member of the FIDO Alliance and is literally one of the world’s biggest advocates for passkeys.