webhelp, 11 May 2023With another device(your phone for example). But you can also buy a windows hello camera/finge... moreYes, you can do that, but it'll be inconvenient. When you use your PC, you phone may be in another room. Most desktop PC users won't buy fingerprint/face scanners.
webhelp, 11 May 2023An analogy to losing your device would be to hit your head and forget your password. The prob... moreNot a good comparison. Even if you have an amnesia, you can still access your accounts if you save the passwords. On the other hand, if you have only one device and exclusively use passkeys, when you lose that device or when that device stops working, you lose access to all your accounts.
Anonymous, 10 May 2023Well, anyone can set a goal. Achieving a goal is another matter. Desktop PCs don't come w... moreWith another device(your phone for example). But you can also buy a windows hello camera/fingerprint reader for your desktop
Anonymous, 10 May 2023For argument's sake, let's say passwords disappear from this world, and passkeys are... moreAn analogy to losing your device would be to hit your head and forget your password.
The problem with passwords is that they need to be complicated, to be changed often and it's easy to forget them.
Anonymous, 10 May 2023In short, the way I understand this, accounts will automatically use the passkey in your devic... moreFor argument's sake, let's say passwords disappear from this world, and passkeys are the only way to sign in. Imagine that you have only one device. When you lose this device, you won't be able to access your account from another device.
webhelp, 10 May 2023Yeah, but the goal of passkeys is to replace passwords, even if you can’t remove your password... moreWell, anyone can set a goal. Achieving a goal is another matter. Desktop PCs don't come with fingerprint/face scanners. If there are no passwords at all, how can most desktop PC users sign in?
Cyberchum, 07 May 2023Nothing you said addressed anything I said.In short, the way I understand this, accounts will automatically use the passkey in your device to log you in, provided the passkey on file matches the one in your hardware. Since you don't know the passkey and it's hardware dependent, that makes it a whole lot more secure than passwords. Like requiring a physical ignition key to start your car. Your hardware becomes the only key. But until passwords go away, we won't see that level of security as the passwords will still be a backdoor into your account. I should have the option to eliminate my password as soon as I set up a passkey.
The TRUE security benefit of passkeys won't happen until passwords go away!! Password managers in my opinion are potentially dangerous as they lump ALL of your passwords under the security of one password, and they are only as safe as the 3rd party app they run in. I sure don't use them because I have no trust that I have the only encryption key.
I DO NOT go along with syncing the passkey with other devices because that removes a valuable layer of security as I see it. The passkey winds up floating around the internet, attached to your google or apple personal account and then resides on a server owned by a company who has the encryption keys! No thanks! I have no trust level.
I want the passkey to stay ONLY with my hardware, and I want other devices such as tablets, computers to have their own unique passkeys. Thus, when I access a bank, hopefully any of the 3 passkeys I have on file, with any of the 3 hardware devices will get me into my account.
Now we're assuming that banks, google, and all accounts will be able to store more than one passkey. I believe that's the plan.
Anonymous, 09 May 2023So you don't understand that passkeys are simply used as another way to sign in. Your acc... moreYeah, but the goal of passkeys is to replace passwords, even if you can’t remove your password from your google account now, we will be able to in the future.
webhelp, 08 May 2023"Passkeys are for people who prefer to enter passwords manually. If you save all your pas... moreSo you don't understand that passkeys are simply used as another way to sign in. Your accounts still have passwords. When you use passkeys, they don't protect your accounts from attackers who may sign in to your accounts by using passwords.
Anonymous, 07 May 2023No, he has to have physical access your device and your fingerprint/face and knows your primar... more"Passkeys are for people who prefer to enter passwords manually. If you save all your passwords, there is no reason to use passkeys."
No, passkeys brings tons of benefits if you don't use a password manager with a master password. Some of the points:
1. It's more convenient, you don't need to remember passwords and enter them every time you need to login
2. Phishing protection
3. No need to change your password every x months, which I hate a lot
4. Your passkeys cannot be hacked, as passwords are when sites are hacked
5. WIth weak passwords, you can even guess them, forget about hacking/brute force.
6. No need for 2FA (a month ago I couldn't login to paypal at all, because they wouldn't send the sms...)
Cyberchum, 07 May 2023Again, nothing you said addressed anything I said. Meanwhile, using a master password to prote... moreNo, he has to have physical access your device and your fingerprint/face and knows your primary/master password. On the other hand, he only needs to have physical access to your device and your fingerprint/face to access all accounts protected by passkeys. If you don't understand how using a primary/master password and/or entering passwords for important websites manually is more secure than using passkeys in this case after reading this post, I don't know how I can help you.
Also, you still keep missing the point of passkeys. Google employees will probably sigh when they read your posts. I'll say it again. Passkeys are for people who prefer to enter passwords manually. If you save all your passwords, there is no reason to use passkeys.
Cyberchum, 07 May 2023Nothing you said addressed anything I said.Do I need to spoonfeed you? Anyway, you argued that most people didn't enter password manually because they used password managers. This post informed you that using a password manager doesn't mean that you have to save passwords for all websites. For example, you can save passwords for non-essentials website and decide not to save passwords for banking websites. Really, you need to try to use your brain and understand what people convey to you. People won't explain every single detail to you.
Anonymous, 04 May 2023By the way, even if you save passwords, some websites can ask you to enter passwords manually.... moreAgain, nothing you said addressed anything I said. Meanwhile, using a master password to protect other passwords means that if someone manages to ever gain knowledge of the master password, they consequently have access to all the saved passwords. Right or wrong? I mean, isn't that how password managers work?
Anonymous, 04 May 2023You can save passwords and use a remember-me feature for non-essential websites. Anyway, you m... moreNothing you said addressed anything I said.
Now that the big weakness bottle neck is at the users fingertips, it would also help to look at introducing an assurance that the user is in a sober state of mind when authenticating to the phone.
Whether at the stress of gunpoint, lost fingers or face, or drugged into submission, or just dangerously drunk, there is still an entry to the phone at hand.
Medical electronics incorporated into the phone could delay entry to uncouthly impaired and compromised persons, or those taken hostage in attempt to malware or hack using some one else's phone.
webhelp, 05 May 2023Having a password manager with a master password may protect your passwords but not necessaril... moreIn that case, passkeys won't protect your accounts either. Anyway, some websites don't allow staying signed in for a long period of time. If there is no action for a specific period of time, you'll be signed out. In any case, using passwords with a primary/master password is much more secure than using passkeys.
Lilian, 04 May 2023"Love it" when non-technical people make uninformed claims... No, it's not &qu... moreI already explained how it's less secure.
LetsHaveSomeFun, 05 May 2023The benefits of passkeys for authentication may not outweigh the risks of having the passkeys ... moreHaving a password manager with a master password may protect your passwords but not necessarily your accounts. In case your device is lost and compromised, most of your accounts will already be authentificated so no need for passwords anymore.
Lilian, 04 May 2023"Love it" when non-technical people make uninformed claims...
No, it's not &qu... moreThe benefits of passkeys for authentication may not outweigh the risks of having the passkeys compromised in the event of a device being compromised. In that case, a password manager with a strong master password and 2FA/MFA may be a better option for individual users.
While passkeys offer some benefits over traditional passwords, such as resistance to phishing attacks and better security properties, these benefits may not necessarily outweigh the risks of using passkeys, especially if the device is lost and compromised. Under those circumstances, an attacker would be able to use the the device to access passkey-protected resources but be unable to access an encrypted password vault without knowledge of the master password. Using a password manager with local-only vault provides an extra layer of protection.
Anonymous, 04 May 2023How can he does that if the passwords aren't saved? With this method, if he can have acce... more"Love it" when non-technical people make uninformed claims...
No, it's not "less secure", it employs a hardware verification(your device/what you have - searchable if lost) + biometric authentication(who you are).
Most people reuse passwords and it's unavoidable that these leak from some site that have bad storage practices.
Tip us
1.7m 126k
RSS
EV
Merch
Log in I forgot my password Sign up