• lud
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    Since you should use a password manager anyways, it wouldn’t make a difference if they get a randomised password or public key.

    • lemmyvore@feddit.nl
      link
      fedilink
      English
      arrow-up
      9
      ·
      1 year ago

      If they get your password they can impersonate you to the server. They can’t do that with just the public key part of your passkey.

      • lud
        link
        fedilink
        arrow-up
        2
        arrow-down
        3
        ·
        1 year ago

        That’s true.

        Ideally my password should be hashed and salted anyways, so that shouldn’t make a huge difference.