I see Google and Apple really embracing passkeys lately and I’m trying to understand the hype, but it can be challenging. I also see that Bitwarden and 1Password are embracing them too. As far as I can tell, passkeys are just key pairs that behave like FIDO2 tokens (e.g. my yubikey) but are backed up to some cloud and usable from multiple synchronized trusted devices. Is this accurate? How would I go about implementing a self-hosted Linux equivalent? Use it with pam? Is this just a fancy ssh-agent for other protocols? What are you all doing in the eliminating passwords space?

  • @[email protected]
    link
    fedilink
    11 year ago

    Keys in the cloud can be gotten by governments and are always one zero day away from being leaked. Nooo thank you.

    • Beej Jorgensen
      link
      fedilink
      101 year ago

      It’s my understanding that the passkeys are stored encrypted so this is not an issue.

      Google deciding to disable your account for no reason is something to fear, though.