• Jackthelad@lemmy.world
    link
    fedilink
    English
    arrow-up
    16
    ·
    1 year ago

    I like the idea of passkeys, but one thing that I’m still not clear on is what happens to them when I get a new phone.

    It says the passkeys are stored on the device, so would I need to keep my previous phone around to be able to sign in on the new phone?

    • Pasta Dental@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      14
      arrow-down
      1
      ·
      edit-2
      1 year ago

      Password managers like 1Password and Bitwarden support it already or are planning to in the near future, so you will be able to sync them across devices. And I’m pretty sure they will be stored in the iCloud and Google password managers as ways to lock in users even more

      • indigomirage@lemmy.ca
        link
        fedilink
        English
        arrow-up
        9
        ·
        1 year ago

        I’m waiting until Bitwarden supports passkeys before diving in. From what I could tell, they are aiming to release in late October this year, but I’m not certain. (ie - should be imminent).

      • dinckel@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        1 year ago

        Exactly what I’ve been doing. I don’t like them being saved on-device, and I don’t want to create multiple, so 1password handles it for me. Has been really convenient, however only around 10 platforms total have let me add a passkey, out of some 1300 passwords I have registered. Quite a slow rollout

    • RanchOnPancakes@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      I’m with ya. I need to see kind of how it pans out. How smooth it is, how device changing works, how in general sites handle lost passkeys. Then I’ll decide. I want security but I’m also not looking for even more hassle then my current method of strong passwords and 2FA.

    • smileyhead@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Keys, like everything in digital devices, are just strings of data. So if they are on device, it’s the matter where they are stored on the device.

      Google and Apple implementations are going to store them in secure TPM chip, basically once written there should be no way (people knowing darker side of TPM can disagree) to get them back. But, if I understand correctly, there is no forced way how to store them in the spec, there can just be a way Google implement it in such a way, hope they add open API to Android.

      • indigomirage@lemmy.ca
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        It’s 1s and 0s all the way down (notwithstanding qbits…). But it all comes down to workflow and reducing friction of use securely. How will Bitwarden (and others) sit within the process? That remains to be seen. In the meantime, I’m going to see how it goes as I’m not switching gears until I have a thorough understanding of the actual implementation wrt general operation, multiple devices, family accounts (Bitwarden ‘organizations’), backups and recovery, and how to teach and support non-tech-savvy family members through the change).

        It absolutely looks promising, but too risky to be bleeding edge.

    • graphito@beehaw.org
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      You sent me to this rabbithole and here’s the relevant issue for those who are also interested github

      TLDR: devs are on board, PR is being actively developed and reviewed. ETA is unclear but is sooner rather then never later

    • hottari@lemmy.ml
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      Same here. Though this transition in general will take forever as you’ll always have that one odd site that doesn’t support passkeys even when it gains mass adoption.

  • Felix Urbasik@ma.fellr.net
    link
    fedilink
    arrow-up
    1
    arrow-down
    11
    ·
    1 year ago

    @ijeff I’m never going to use passkeys because they require to have a lockscreen on the device, and I don’t have one.

    You might think “Isn’t that kinda dangerous?”

    And I say: My devices are never left unattended, so a lockscreen is just an obstacle to get back where I was. Honestly, try disabling your lockscreen. The fact that you can press one button and be right where you left off is priceless.

    So, screw passkeys and their stupid rules.

    • DerpyPlayz18
      link
      fedilink
      English
      arrow-up
      11
      ·
      edit-2
      1 year ago

      Fingerprint and face unlock exist and they are instant

        • DerpyPlayz18
          link
          fedilink
          English
          arrow-up
          5
          ·
          1 year ago

          If it’s not instant either the hardware isn’t good or you didn’t register the fingerprint properly. Also the fingerprints stay in your device and never get sent to any company.