this post was submitted on 13 Jul 2023
14 points (100.0% liked)
Technology
37853 readers
64 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I think both passkeys and security keys rely on the hardware being one of your multiple factors. This is what keeps a remote hacker who stole some website's password database from using the stolen passwords to log in--they don't have your physical hardware.
You can't store the passkey in your password manager because your password manager isn't hardware.
You could store the passkeys in your laptop's (or phone's, etc.) hardware, and in fact that's how passkeys are intended to work.
Disclaimer: I barely understand this stuff and welcome corrections/elaborations.
I believe password managers are getting the ability to store passkeys, bitwarden is rolling it out as a new feature soon. Here's their announcement: https://bitwarden.com/blog/what-are-passkeys-and-passkey-login/
1Password also: https://www.future.1password.com/passkeys/
Interesting! I wonder if they're actually storing the keys in the cloud or if they're just using Bitwarden as a way to sync keys between hardware.
In any case, it seems like your original suggestion is a good one. Thanks for the info!