appleinsideruser

Marvin said:

appleinsideruser said:

Marvin said:

appleinsideruser said:

Not contradicting your post 22, but passkeys make me uneasy. Give me a password that is strong that I store in keychain and I’m in charge of my own destiny (and access to the resource). 

Loose a device or an invisible crypto passkey and you’re buggered. #luddite  🤷‍♂️ 

There will be account recovery methods, just like forgotten passwords. If someone loses a device and hasn't backed up passkeys to the cloud, they'd have to recover their accounts with the registered sites. This can be done with emails, SMS.

If they are backed up to the cloud, locally or synced to multiple devices, it's much less likely people will get locked out.

If someone has 100 different passwords for all the sites they use and writes them down or uses a password app, losing those backups would have the same effect and would be much worse to recover as you'd have to think up all new passwords x100. Passkeys can be renewed with a click.

This new system will make it much easier to setup secure logins, people don't have to think up a new minimum length password, capital letters, numbers, special character etc. Just add email address, signup, verify email, save passkey.

Does Hide My Email for with Passkeys, or do you reveal your email address to the site?

There wouldn't be a need to use the original email address, Passkeys is just a file key instead of a password, everything else works the same.

22july2013 said:

appleinsideruser said:

22july2013 said:

appleinsideruser said:

Not contradicting your post 22, but passkeys make me uneasy. Give me a password that is strong that I store in keychain and I’m in charge of my own destiny (and access to the resource). 

Loose a device or an invisible crypto passkey and you’re buggered. #luddite  ߤ禺wj;♂️ 

That's not accurate. With Apple operating systems, you can use their new feature for sharing your Passkeys with family or friends. A story on AppleInsider from 4 days ago covers this. It's called "How to Share Passwords [and Passkeys]."

Indeed, yes. And I've seen the extra button when logging into iCloud.com. But there's still something that feels wrong about trusting it. It's a perception thing. I'm all for tech, but as I say, this one just makes me uneasy for some reason. 

EDIT: It is a bit daft that Apple hides the password field and offers a passkey option when signing on iCloud.com, even if your system doesn't support it. It seems quite a big dollop of encouragement — a hard sell — for something (superior) that might not be supported. 

Thanks for kinda agreeing. And I will kinda agree that there are some issues with storing passkeys on hardware tokens. As you say, they are easy to lose, and even easier to forget to keep up to date if you have token backups. When it comes to I&A, I have as many questions as I have answers. A lot of the issues come down to trust. Do you trust your family? Do you trust the government? Do you trust yourself to maintain your data? Look at how many people use cryptokey brokers instead of managing their own cryptokey accounts. They don't trust themselves to secure their own cryptocoin. If we can't manage our own cryptocoin, how can we manage our own passwords? Conversely, there are probably many people who want to secure their own passwords but don't mind other people securing their cryptocoin. Are you one of those people?

22july2013 said:

appleinsideruser said:

Not contradicting your post 22, but passkeys make me uneasy. Give me a password that is strong that I store in keychain and I’m in charge of my own destiny (and access to the resource). 

Loose a device or an invisible crypto passkey and you’re buggered. #luddite  ߤ禺wj;♂️ 

That's not accurate. With Apple operating systems, you can use their new feature for sharing your Passkeys with family or friends. A story on AppleInsider from 4 days ago covers this. It's called "How to Share Passwords [and Passkeys]."