271
submitted 1 month ago by exu@feditown.com to c/technology@lemmy.world
you are viewing a single comment's thread
view the rest of the comments
[-] johannesvanderwhales@lemmy.world 9 points 1 month ago

You're looking at this from the perspective of an educated end user. You're pretty secure already from some common attack vectors. You're also in the minority. Passkeys are largely about the health of the entire ecosystem. Not only do they protect against credentials being stolen, they also protect against phishing attacks because identity verification is built in. That is of huge value if you're administering a site. Yes if everyone used a password manager there would be less value, but only about a third of users do that. And as an admin you can't just say "well that guy got phished but it's his own fault for not using a password manager."

[-] ikidd@lemmy.world 3 points 1 month ago

Password managers have only really taken off in the last half-decade, so one-third is kind of to be expected. I know they've been around a long time, but major adoption has been recent.

Passkeys will take a while to get wide adoption as well, especially with syncing problems that we've seen.

[-] johannesvanderwhales@lemmy.world 5 points 1 month ago

Password managers are never going to hit anywhere near 100% adoption rate. It requires knowledge on the part of the user and in many cases money. No grandma isn't going to roll her own with keepass. Most likely she'll never even know what a password manager is. And as long as those users are still out there, admins still have to deal with all the problems they bring.

Incidentally I looked and it's been over a decade since I started using my first password manager. They're not that new.

this post was submitted on 16 Oct 2024
271 points (86.3% liked)

Technology

59366 readers
1314 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS