this post was submitted on 09 Apr 2024
503 points (92.7% liked)

Technology

59148 readers
1946 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 
  • Big Tech has implemented passkeys in a way that locks users into their platforms rather than providing universal security
  • Passkeys were developed to replace passwords for better account security, but their rollout by Apple and Google has limited their potential
  • Proton Pass offers passkeys that are universal, easy to use, and available to everyone for improved online security and privacy.
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 22 points 7 months ago (4 children)

Yeah I've avoided passkeys. Anything that Google is pushing to me is always in their interests.

[–] [email protected] 33 points 7 months ago (1 children)

That is not the takeaway here.

The takeaway is Passkeys are great technology but as implemented by Google, Microsoft, and Apple fall short of what they could be.

[–] [email protected] 9 points 7 months ago (1 children)

People not getting phished is in their interests. That doesn't mean it's not in yours.

[–] [email protected] 2 points 7 months ago

People getting their accounts compromised leads to spam email, spam comments, fake crypto livestreams, etc that impact others. Google definitely has an interest in preventing people from getting their accounts compromised and not just for the benefit of the individuals with the accounts but their platforms as a whole.

[–] [email protected] 4 points 7 months ago (1 children)

A lot of my hesitation is that not only are passkeys being pushed by the big vendors AND they seem to have a less than portable implementation BUT ALSO they don’t seem to give enough details. Everything is dumbed down for the less technical until it means nothing

I like that this thread already has more actual information than all the outreach of the big vendors over months

[–] [email protected] 1 points 7 months ago

The spec behind it is solid, it creates per-domain cryptographic keyspairs which allows your device to prove you're you in a standardized and secure way while avoiding adding a new way to track you across sites, and by using the device's TPM chip to hold the key it's also resistant to most types of manipulation.

[–] [email protected] 2 points 7 months ago (2 children)

Google pushed email accounts to you, do you not have an email address either?

[–] [email protected] 8 points 7 months ago (1 children)

Email was already ubiquitous and generally standardized by the time Gmail released in 2004.

[–] [email protected] -2 points 7 months ago* (last edited 7 months ago)

Asymmetric cryptography has been ubiquitous and generally standardized by the time Google began letting you store Passkeys, so what’s your point?

Is Google supporting a particular service or system a dealbreaker for you or not? Because Google has far more fingers in the public operation of email than it does passkeys. So if you’re still ok with having an email account, then you should be just as ok with using passkeys.

[–] [email protected] 2 points 7 months ago* (last edited 7 months ago) (1 children)

I’m not locked into Gmail: I know it implements standards and I choose it as long as it is most convenient.

A lot of what comes into my gmail account is actually addressed to various aliases from various providers, and I can point those aliases anywhere

In particular, all my recent online accounts use unique generated email addresses that I can disable at will, and that forward to my actual email

[–] [email protected] 2 points 7 months ago

Well that’s great news, then you’ll like passkeys because you can use them without being locked into anything.