Technology

37735 readers

44 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago

MODERATORS

TheRtRevKaiser@kbin.social

How Hype (Passkeys) Will Turn Your Security Key Into Junk (fy.blackhats.net.au)

submitted 1 year ago* (last edited 1 year ago) by nihilx7E3 to c/technology

5 comments fedilink hide all child comments

tl;dr: passkeys, as proposed now, will fill up existing fido2/webauthn authenticators if the feature becomes widespread enough. this is because the feature of "passkeys" actually refer to resident keys, which most authenticators today can only store a limited amount of (some, none at all!). preventing this will require changes to either webauth, fido, or passkey libraries.

you are viewing a single comment's thread
view the rest of the comments

[–] coldredlight 2 points 1 year ago (2 children)

I believe password managers are getting the ability to store passkeys, bitwarden is rolling it out as a new feature soon. Here's their announcement: https://bitwarden.com/blog/what-are-passkeys-and-passkey-login/

[–] oktux 2 points 1 year ago

Interesting! I wonder if they're actually storing the keys in the cloud or if they're just using Bitwarden as a way to sync keys between hardware.

In any case, it seems like your original suggestion is a good one. Thanks for the info!

[–] Domiku 2 points 1 year ago

1Password also: https://www.future.1password.com/passkeys/