a very long password that (ideally) is only bound to a single device, requires a second identifier (biometric, PIN, password) and that is phishing resistant.
thus rendering them redundant, because their strength is being bound to a single physical device. if they’re portable, they’re as good as asymmetric key pairs.
Their strength is being half a cryptographic key, not that they’re device bound.
That was a “requirement” that big tech wanted, to force you to be dependent on TPM storage, so you’d be forced to use a Trusted™ device and OS. It was made optional after pushback from basically everyone else.
Password managers support Passkeys now. Bitwarden and KeePassX among others.
As long as I trust that my password manager is secure, and as long as I use a strong master password or (better) have a hardware key to unlock it, it is way more secure than a password, and I can still install Linux without losing my logins.
Passkeys, more likely.
so passwords (that you can’t memorize) with extra steps
Half a cryptographic key that you can’t easily give to someone over the phone by accident.
a very long password that (ideally) is only bound to a single device, requires a second identifier (biometric, PIN, password) and that is phishing resistant.
yay vendor lock in. google or meta password manager salivating.
Bitwarden has been working great with me as sits transition to passkeys, even big corporate ones.
But yeah in practice, google and facebook are going to probably dominate because they are the easy + free option.
KeepassXC supports passkeys as well.
thus rendering them redundant, because their strength is being bound to a single physical device. if they’re portable, they’re as good as asymmetric key pairs.
Their strength is being half a cryptographic key, not that they’re device bound.
That was a “requirement” that big tech wanted, to force you to be dependent on TPM storage, so you’d be forced to use a Trusted™ device and OS. It was made optional after pushback from basically everyone else.
Password managers support Passkeys now. Bitwarden and KeePassX among others.
As long as I trust that my password manager is secure, and as long as I use a strong master password or (better) have a hardware key to unlock it, it is way more secure than a password, and I can still install Linux without losing my logins.
i’m assuming most people will use the default, which will probably be google lock in anyway.
Bitwarden let’s you sync your passkeys between devices. And you can also unlock your vault with one stored on a physical security key.
Ooh-la-la, someone’s gonna get laid in college.
Edit: This is a joking reference from a Rick and Morty episode (S02E06).
i don’t get what this has to do with college, or getting laid at all but sure.
Oh, I’m sorry. It’s a reference to a Rick and Morty episode. I thought that’s what you were referring to.
ha, the episode where they have a mini universe powering their car.