memes

12126 readers

2986 users here now

Community rules

1. Be civil

No trolling, bigotry or other insulting / annoying behaviour

2. No politics

This is non-politics community. For political memes please go to [email protected]

3. No recent reposts

Check for reposts when posting a meme, you can only repost after 1 month

4. No bots

No bots without the express approval of the mods or the admins

5. No Spam/Ads

No advertisements or spam. This is an instance rule and the only way to live.

A collection of some classic Lemmy memes for your enjoyment

Sister communities

[email protected] : Star Trek memes, chat and shitposts
[email protected] : Lemmy Shitposts, anything and everything goes.
[email protected] : Linux themed memes
[email protected] : for those who love comic stories.

founded 2 years ago

MODERATORS

[email protected]

185

Take your passkey and shove it where the sun don't shine (lemmy.world)

submitted 7 hours ago by [email protected] to c/[email protected]

39 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 14 points 7 hours ago (3 children)

Passkeys are light years ahead of 2fA in user experience. Why do you dislike them?

Security based on devices is one of the positive innovations of smartphones and perhaps the only area where they've improved over the desktop experience.

[–] [email protected] 40 points 7 hours ago (3 children)

I very specifically don't want my security tied to my device. Trying to migrate to new phones, and keeping things synced between a phone, desktop, and laptop is why I long ago moved to a password manager. Now, especially in the phone space, getting passkeys to function fully with a password manager ranges from "pain in the ass" to "not actually possible".

[–] [email protected] 7 points 5 hours ago (1 children)

Bitwarden: “I’m literally right here”

[–] [email protected] 6 points 5 hours ago (1 children)

Bitwarden+Firefox+Android. That combo doesn't support passkey creation.

[–] [email protected] 1 points 18 minutes ago

Ah, shit. Really? This is exactly my setup.

[–] [email protected] 14 points 6 hours ago (1 children)

I had a botched phone battery replacement once resulting in the phone getting replaced very unexpectedly. It was a nightmare trying to get everything back together because I stupidly used google authenticator, which is tied to the specific phone it’s on. Not tying it to the device is the way to go.

[–] [email protected] 3 points 3 hours ago* (last edited 2 hours ago)

I didn't consider the friction of integrating it into your existing process because I use a manual password manager. But who is saying you should replace a password manager with passkeys? It was always meant to be a parallel system.

Edit: I just wanted to add that people like you and I who have "solved" our credentials problems are a tiny minority. Passwords are shit. Just because we've grown accustomed to them doesn't change that.

[–] [email protected] 4 points 5 hours ago

Heard of so many people losing their phone. Then they try to log into something and the company (quite often google) says "I don't give a fuck if you know your passwords I'm never letting you log into your account get fucked, don't call I won't answer"

[–] [email protected] 12 points 6 hours ago

Why would I want security based on a device? What security this offers greater than a 64 chars password + 2FA?

[–] [email protected] 2 points 6 hours ago

Passkeys make plausible deniability more difficult. “This user name isn’t necessarily associated with my real world identity” permits some important good things.