this post was submitted on 17 Dec 2024
9 points (90.9% liked)

Technik

353 readers
30 users here now

die Community für alles, was man als Technik beschreiben kann

Beiträge auf Deutsch oder Englisch

founded 5 months ago
MODERATORS
top 8 comments
sorted by: hot top controversial new old
[–] [email protected] 4 points 4 days ago

Look, I'm a very technical person and I prefer long, auto-generated passwords stored in a password manager. It's stupidly simple, works with every service and I can hand-enter my passwords even on the most obnoxious smart TV set.

I get that Passkeys do that in a more convenient way and prevent regular users from reusing simple passwords. So far, so good.

But I also use several devices over several different ecosystems and like the syncing my password manager gives me. I even sync my TOTP 2FA codes. I also like being able to make backups of such important data.

I don't want to loose access to a service because I lost my phone. I don't want to go to the settings of #M services and add my #N devices. That is a LOT of work for very little benefit! And I need to go through that hassle again every time I get a new phone or tablet or laptop or desktop or smartwatch (?) or authenticator device.

Yes, some password managers like bitwarden also do passkeys and sync them. But I would still have to figure out which services use it. And then I am locked into my current password manager.

[–] [email protected] 10 points 4 days ago* (last edited 4 days ago) (1 children)

This is a way to lock people into Microsoft's plattform.

They'll store the keys in some kind of windows proprietary format involving TPM from which you won't be able to export them, to make it the maximum possible pain in the ass to ever again migrate away from their OS.

[–] [email protected] 2 points 4 days ago

That was a spectacular read!

[–] [email protected] 4 points 4 days ago

I'll be so happy when hackers will find a way to extract your biometric data from your phone after hearing all the experts promise that "your data will never ever leave your device, promise!"

[–] [email protected] 6 points 4 days ago (1 children)

So if I refuse to give Microsoft my biometric data they will replace my perfectly secure password with an inferior pin have I got that right?

[–] [email protected] 4 points 4 days ago* (last edited 4 days ago) (2 children)

My understanding as well. Then there is this quote

“if a user has both a passkey and a password, and both grant access to an account, the account is still at risk for phishing. (...)"

How does a PIN, which is inferior to a password, provide more security, when passwords alledgedly aren't secure anymore?

This is an obvious grab for biometric data if you ask me. The statements are too contradictory. At some point PINs are gonna get phased out as well. A bit like what they're doing with local accounts on Win11

[–] [email protected] 1 points 4 days ago

You do not use the PIN to log into your account, but to unlock the passkey that is used to log into your account.

A PIN + the need to physically access a device capable of logging into your acount is safer than a password, which is safer than a PIN.

On the other hand, a compulsory 2FA bound to a physical device will create lots of problems when you loose access to your device.

[–] [email protected] 2 points 4 days ago

good thing biometric scanners can also be duped easily, unless it is some advanced stuff you won't find in consumer devices.