Natanael

[–] [email protected] 2 points 1 year ago

Yeah, the TPM should perform the signature inside of the security chip, the key is always off limits from everything else

[–] [email protected] 2 points 1 year ago

Passkeys use cryptographic keys held client side which are never transmitted, they use cryptographic challenge-response protocols and send a single use value back. You can't intercept and reuse it unlike with passwords.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

With a breach of the server then they can get your password the next time you log in and maintain persistent access until they're both kicked out and everybody has changed passwords.

With passkeys you don't need to do anything, they never had your secret.

[–] [email protected] 4 points 1 year ago

Because you don't send a secret value, you only send a cryptographic asymmetric single use value which is safe to disclose

[–] [email protected] 2 points 1 year ago

If the user can perform all steps on the same device then it doesn't make sense to assume only a specific set of keys will be disclosed, you have to assume everything on the device can be compromised

[–] [email protected] 2 points 1 year ago

This is where PAKE algorithms for secure password checks fit in

https://slrpnk.net/comment/3782237

[–] [email protected] 1 points 1 year ago

Passkey plus TOTP doesn't really make sense (they're both client side cryptographic keys, you don't need two protocols), at least use a PAKE algorithm with a PIN instead if you want the server to be able to check the user's knowledge of a secret without sending it in a readable form

[–] [email protected] -3 points 1 year ago

Quantum electrodynamics though

[–] [email protected] 3 points 1 year ago

That's because too many virus infections have started with admins launching things as admin by default

Use one of the elevate as admin scripts

[–] [email protected] 7 points 1 year ago

This isn't going to work whatsoever with people who don't know how to express what they want to do.

Tons of people have just been taught a fixed workflow involving a sequence of buttons with known labels and icons and locations. Lots of people already can't find programs in the start menu even if they know the name (because they don't know how search works and often even will think it's not the same program / will think it won't have the same data because the icon was found in a different place).

How are they suddenly going to talk to an AI about things that the AI doesn't even have information about? The AI won't know all the nicknames people have, it won't know how people describe the icons, can't handle all misspellings (they don't even understand phonetics), it won't understand people's description of the UX parts, and when programs have 20x start options where people usually follow a guide to pick the right one then the AI won't be able to reliably recognize which one the user intends to open.

Every single company would literally need a team of AI training experts and capture EVERYTHING the employees do with the computers and say about them for a few months to capture all the context it needs.

[–] [email protected] 3 points 1 year ago

Even LibreOffice? Is there any variant which uses a sane format?

[–] [email protected] 5 points 1 year ago

The Microsoft Office installer has translated "Office downloads" (as in office is downloading now) to the plural form in Swedish, so it reads grammatically incorrectly as if there's multiple downloads going on. Very professional, lmao
