26
Google looks to do away with passwords, making 'passkeys' the default option | CNN Business (www.cnn.com)
submitted 1 year ago by TheOneWithTheHair@lemmy.world to c/google@lemmy.world
8 comments fedilink hide all child comments
top 8 comments
sorted by: hot top controversial new old
[-] jdnewmil@lemmy.ca 9 points 1 year ago

Is anyone working on bootstrapping passkey access to fresh Linux boxen? Until that is practical, I will probably be skeptical on this. That is, I know how to compartmentalize my passwords, but I don't know how to compartmentalize Google's control over my access to things.

This is an alternate expression of the "how do I recover when I lose my phone?" question that has always so far lead back to using symmetric passwords to protect private keys... which isn't ideal but is at least practical.

[-] Rootiest@lemm.ee 6 points 1 year ago* (last edited 1 year ago)

PassKeys work on Linux.. you just need to use a compatible browser which is most these days.

It's also a fido standard so it isn't really a Google thing, Apple started using them before Google even.

[-] jdnewmil@lemmy.ca 2 points 1 year ago

I didn't mean after you logged in... I meant as the default login option to a new Linux box. Passkeys are strong because they are asymmetric, but we currently fall back on symmetric passwords to manage access to those inconveniently-large private keys. How will you reset your Google access if your computer hard disk dies or your phone drops into the ocean if Google will no longer allow passwords? I figure that independence from big brother and fault tolerance to hardware failures would be appropriately-robust if this great new approach could work offline bootstrapping the security of a new computer.

[-] Rootiest@lemm.ee 1 points 1 year ago

I didn't mean after you logged in... I meant as the default login option to a new Linux box.

Ah ok. I misunderstood.

As to the other bit, Google hasn't disallowed passwords and I don't think we're at a point where they would.

But I mean ideally you have multiple PassKeys so if you lose one or you computer/phone dies you have a backup.

I keep a hardware key in a safe that can be used as a backup key to my accounts

[-] Bob_Robertson_IX@discuss.tchncs.de 1 points 1 year ago

I keep a hardware key in a safe that can be used as a backup key to my accounts

Dude, that's the first place they're going to look for it!

[-] Rootiest@lemm.ee 2 points 1 year ago

But where is the safe huh?

See? Gottem

[-] ViciousTangerine@lemmings.world 4 points 1 year ago

How much data will they be taking from sites that use this?

[-] Deconceptualist@lemm.ee 7 points 1 year ago

No more than they already can through passwords. Passkeys are a generalized authentication standard, you can use it with any compatible software (not just Google products). More options are a good thing.

https://fidoalliance.org/passkeys/

this post was submitted on 10 Oct 2023
26 points (96.4% liked)

Google

1713 readers
1 users here now

A Lemmy community dedicated to Google products and everything Google.

Rules

  1. Keep it Google.
  2. Keep it SFW.

founded 1 year ago
MODERATORS
Devgard@lemmy.world