188

“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.

you are viewing a single comment's thread
view the rest of the comments
[-] aniki@lemmings.world 50 points 1 month ago

I'll switch when it's fully implemented in open source and only I am the one with the private key. Until then its just more corporate blowjobs with extra steps.

[-] 4am@lemm.ee 22 points 1 month ago

That’s exactly how passkeys work. The server never has the private key.

[-] AsudoxDev@programming.dev 20 points 1 month ago
[-] devfuuu@lemmy.world 6 points 1 month ago

And we all remember the huge drama about it because they allowed for taking the keys out and backup them up.

[-] Kusimulkku@lemm.ee 3 points 1 month ago

I think a big part of it was exporting them plain text by default. I'm in the "I know what I'm doing" camp but I guess for someone who doesn't that sort of handholdy stuff not allowing the export them without encryption stuff makes sense.

[-] huginn@feddit.it 10 points 1 month ago

Passkeys are an ancient authentication setup, have always been better than passwords and are finally getting traction.

[-] priapus@sh.itjust.works 9 points 1 month ago

What do you means by this? What part do you want to be open source? Passkey are just cryptographic keys, no part of that requires anything unfree. There's aready an open source authentication stack you can use to implement them. You can store them completely locally with KeyPassXC for selfhost Vaultwarden to store them remotely. Both are open source?

[-] AbidanYre@lemmy.world 8 points 1 month ago

You can add them in vaultwarden.

this post was submitted on 15 Oct 2024
188 points (92.0% liked)

Technology

59381 readers
1204 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS