this post was submitted on 30 Mar 2024
298 points (79.3% liked)


Passkeys are an easy and secure alternative to traditional passwords that can help prevent phishing attacks and make your online experience smoother and safer.

Unfortunately, Big Tech’s rollout of this technology prioritized using passkeys to lock people into their walled gardens over providing universal security for everyone (you have to use their platform, which often does not work across all platforms). And many password managers only support passkeys on specific platforms or provide them with paid plans, meaning you only get to reap passkeys’ security benefits if you can afford them.

They’ve reimagined passkeys, helping them reach their full potential as free, universal, and open-source tech. They have made online privacy and security accessible to everyone, regardless of what device you use or your ability to pay.

I'm still a paying customer of Bitwarden as Proton Pass was up to now still not doing everything, but this may make me re-evaluate using Proton Pass as I'm also a paying customer of Proton Pass. It certainly looks like Proton Pass is advancing at quite a pace, and Proton has already built up a good reputation for private e-mail and an excellent VPN client.

Proton is also the ONLY passkey provider that I've seen allowing you to store, share, and export passkeys just like you can with passwords!

See https://proton.me/blog/proton-pass-passkeys

#technology #passkeys #security #ProtonPass #opensource

[–] [email protected] 1 points 1 year ago (2 children)

Passkeys seem like mTLS... so much so that I'm not sure what the difference is.

[–] [email protected] 2 points 1 year ago (1 children)

MTLS is for transport layer security, not authentication security. This is closer to those RSA keys where there is an RSA server keeping track of all the fobs that can be queried to figure out what number they are currently showing. Acting as a "something you have" factor of authentication, proving you are who you say you are.

[–] [email protected] 9 points 1 year ago (3 children)

Can I get an explanation on what exactly passkeys are? I already use bitwarden for passwords, is there any good reason to switch to passkeys if that works for me?

[–] [email protected] 9 points 1 year ago (2 children)

Passkeys are a form of passwordless authentication. You store them in Bitwarden like regular passwords, but when you want to access a site that supports them (e.g. eBay), instead of asking for your password and autofilling or copy-pasting it from Bitwarden, your Bitwarden pops up and asks you if you want to log in and it just happens (if you have multiple passkeys associated with a site you can select which you want to use). That's it. No password fields which get autofilled and no password in your clipboard (history).

[–] [email protected] 4 points 1 year ago (1 children)

Thanks for the explanation. From the sound of it I'll probably stick with passwords—I like being able to copy them, cause I'm often signing in to an application, not a website, etc.

[–] [email protected] 4 points 1 year ago (1 children)
[–] [email protected] 4 points 1 year ago

It is a similar experience, but you don't need any infrastructure for it. Everything is handled by your device.

[–] [email protected] 1 points 1 year ago (3 children)

How do I create a passkey with Proton Pass then? I don't see that option when pressing the big Plus button.

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago) (1 children)

If the site you're using supports passkeys, it should have an option in your account settings somewhere to create one. When you do, Proton Pass (or whatever other password manager) will prompt you to save that passkey. You can't manually create one in Proton Pass; it has to be the website requesting to save one.

[–] [email protected] 1 points 1 year ago (1 children)

Oh I see! So essentially it's like creating a separate key pair for each login/site? Or will I be able to reuse the same public key/passkey for many different sites once it's created?

[–] [email protected] 2 points 1 year ago (1 children)

The first, each account gets its own passkey.
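
The per-site key pair described in the replies above, as an added example that is not part of the thread: a simplified JavaScript (Node.js) model of passkey registration and sign-in, not the real WebAuthn message format and not Proton Pass or Bitwarden code. The `Authenticator` and `RelyingParty` classes and the `.example` sites are hypothetical names constructed for illustration.

```javascript
// Simplified model of a passkey ceremony; not the real WebAuthn wire format.
const nodeCrypto = require('node:crypto');
class Authenticator {                 // hypothetical stand-in for the password manager
  constructor() { this.keys = new Map(); }   // site id -> private key
  register(rpId) {
    // A fresh P-256 key pair per site; only the public half leaves the device.
    const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
    this.keys.set(rpId, privateKey);
    return publicKey.export({ type: 'spki', format: 'pem' });
  }
  sign(rpId, origin, challenge) {
    const key = this.keys.get(rpId);
    if (!key) return null;              // no passkey stored for this site
    // The browser, not the page, supplies the origin that gets signed.
    const clientData = JSON.stringify({ origin, challenge });
    return { clientData, signature: nodeCrypto.sign('sha256', Buffer.from(clientData), key) };
  }
}
class RelyingParty {                  // hypothetical stand-in for the website
  constructor(rpId) { this.rpId = rpId; this.origin = `https://${rpId}`; }
  newChallenge() { return (this.challenge = nodeCrypto.randomBytes(32).toString('hex')); }
  verify(assertion) {
    if (!assertion || !this.challenge) return false;
    const { origin, challenge } = JSON.parse(assertion.clientData);
    const fresh = challenge === this.challenge;
    this.challenge = null;              // each challenge is single use
    return fresh && origin === this.origin && nodeCrypto.verify(
      'sha256', Buffer.from(assertion.clientData), this.publicKey, assertion.signature);
  }
}

function demo() {
  const device = new Authenticator();
  const shop = new RelyingParty('shop.example');   // constructed sample sites
  const mail = new RelyingParty('mail.example');
  shop.publicKey = device.register(shop.rpId);
  mail.publicKey = device.register(mail.rpId);
  return {
    distinctKeys: shop.publicKey !== mail.publicKey,
    login: shop.verify(device.sign(shop.rpId, shop.origin, shop.newChallenge())),
    // A look-alike domain gets nothing: the device holds no key for it.
    lookAlike: device.sign('shop-login.example', 'https://shop-login.example', shop.newChallenge()),
    // A signature made under another origin is rejected by the site.
    wrongOrigin: shop.verify(device.sign(shop.rpId, 'https://shop-login.example', shop.newChallenge())),
    // The key registered at one site does not verify at another.
    crossSite: mail.verify(device.sign(shop.rpId, mail.origin, mail.newChallenge())),
  };
}
console.log(demo());
```

Because each site only ever stores the public half of its own key pair, a breach of one site's database gives nothing that can be replayed at another.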
