this post was submitted on 14 Feb 2024
262 points (88.8% liked)

Technology

59381 readers
3064 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Passkeys: how do they work? No, like, seriously. It’s clear that the industry is increasingly betting on passkeys as a replacement for passwords, a way to use the internet that is both more secure and more user-friendly. But for all that upside, it’s not always clear how we, the normal human users, are supposed to use passkeys. You’re telling me it’s just a thing... that lives on my phone? What if I lose my phone? What if you steal my phone?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 11 points 9 months ago (2 children)

I already use KeePass, but as far as I know it doesn't do passkeys, only passwords?

[–] [email protected] 8 points 9 months ago (1 children)

I haven't seen anything about the original KeePass supporting them but KeePassXC is working on it:

https://github.com/keepassxreboot/keepassxc/issues/1870

[–] [email protected] 3 points 9 months ago (3 children)

I have been super hesitant to look into KeePassXC, should I give it a chance?

Of course, unless I can also access these features on my phone it doesn't really matter…

[–] [email protected] 4 points 9 months ago

Yeah, unfortunately passkey support on mobile outside of what the OS/browsers provide is kind of not there at the moment but it's being worked on. Android 14 apparently has some kind of framework for integrating in third-party passkey providers. At this point, you should view passkeys as an additional, more convenient and secure way to log in on the platforms it's supported on, not necessarily the only way to log into an account.

[–] [email protected] 3 points 9 months ago

Pull the software down and give it a look. Set up a database with no real passwords in it just to play with the various features.

[–] [email protected] 2 points 9 months ago

I recently switched to KeePassXC and it looks nicer and is easier to use. The also include some addon functionality into the app so you don't need to trust that. The only downside is that it doesn't automatically fills the browser text fields, you have to click on a green icon in the text field - but that is more secure. They also have an android app.

[–] [email protected] 6 points 9 months ago (1 children)

Bitwarden does passkeys supposedly. Haven't tried it myself yet because I don't know what to make of passkeys.

[–] [email protected] 9 points 9 months ago

Currently Bitwarden's passkey support is limited to the browser extensions not the apps but from my experience it works relatively well. When logging into a site you just select the passkey from the extension popup and it logs you in.

Example passkey registration:

  • Click create a passkey button in the accounts settings page
  • Bitwarden extension pops up with a list of matching accounts
  • Select the account in your password manager that you want to associate the passkey with
  • Click Save passkey button
  • The account now has a new passkey associated with it that's stored in your Bitwarden vault

Example login:

  • Click sign in with passkey button on the login page
  • Bitwarden extension pops up with a list of matching accounts from your vault
  • Select the account you want to sign in with
  • Click Confirm button
  • You're signed in