upvote

points

by shaky-carrousel17 hours ago |
comments
upvoteby pibaker17 hours ago|
next
[-]
The main benefit is you will never put your passkey on a phishing site. Password managers provide some protections against it because if they do not work automatically on a website you know something is fishy, but sadly many websites have botched their password input so even with a password manager you may still need to manually copy and paste (or even type, if pasting is disabled) the password.

The problem is whether or not the benefit outweighs the additional risks introduced — losing account access when you lose a device, furthering device lock down, difficulty transferring the passkey between devices, UX degradation due to bad implementation. In my opinion the answer is no and I am sticking with my passwords.

reply
upvoteby TurboSkyline12 hours ago|
parent|
[-]
> sadly many websites have botched their password input so even with a password manager you may still need to manually copy and paste (or even type, if pasting is disabled) the password.

Unfortunately, it’s exactly those websites that I think would be unlikely to support passkeys at all.

reply
upvoteby bryantwolf17 hours ago|
prev|
next
[-]
The advantage is that the password never leave the device. It has a public key and signs challenges with the private key but nothing sensitive goes over the wire on every login
reply
upvoteby valenterry16 hours ago|
parent|
[-]
It should be noted that that is not an inherential advantage of passkeys over passwords. It is possible to achieve the same with passwords, e.g. by using a hash-cascade.
reply
upvoteby lxgr15 hours ago|
parent|
next
[-]
Sure, but then you still need a protocol between user agent and website. If you just do this in Javascript, you're not protected against phishing sites just forwarding the password entered directly.

Passkeys can in fact be backed by exactly this, i.e. a HMAC-only stateless implementation backed by a single password: https://github.com/lxgr/brainchain

reply
upvoteby valenterry11 hours ago|
parent|
[-]
> Sure, but then you still need a protocol between user agent and website.

Yes of course. Just like you do for passkeys.

> Passkeys can in fact be backed by exactly this, i.e. a HMAC-only stateless implementation backed by a single password: https://github.com/lxgr/brainchain

No, not quite. It's written on there:

> "Login" with your passphrase, and you can create non-discoverable WebAuthN credentials (don't call them passkeys, but definitely be reminded of them) at ~all~ some websites supporting them (...)

That's the thing: with passwords, a website/app cannot prevent you from controlling the password yourself. With passkeys and attestation it can.

reply
upvoteby lxgr6 hours ago|
parent|
[-]
But attestation for passkeys is dead. Neither Apple's, nor Google's implementation (with negligible exceptions) support it anymore, so any site demanding attestation will immediately disqualify > 99% of all potential users.

Some still might, e.g. for corporate or high security contexts, but I don't think it'll become a mass-adopted thing if things don't somehow drastically change course.

reply
upvoteby valenterry2 hours ago|
parent|
[-]
It's still in the standard. They could remove it, but they don't, so from my perspective it's just like how Google wasn't evil. Until they decided otherwise.
reply
upvoteby mi_lk16 hours ago|
parent|
prev|
[-]
is it fair to say all passkey implementations have this advantage while only some password implementations can match?
reply
upvoteby simoncion15 hours ago|
parent|
[-]
It is absolutely unfair to say it. Just like passwords stored in a password manager, passkeys can be copied out of the device for safekeeping. Because you can copy them out, a user can be induced to give them to someone.

I saw passkey boosters go very, very rapidly from "Passkeys are immune to phishing!" to "Passkeys are phishing resistant!" when lots of real-world people started using passkeys and demonstrated that you absolutely must have a way to back them up and move them around.

reply
upvoteby lxgr15 hours ago|
parent|
[-]
> passkeys can be copied out of the device for safekeeping

You can't copy them out on at least the iOS, Android, and (to my knowledge) Windows default implementations.

> lots of real-world people started using passkeys and demonstrated that you absolutely must have a way to back them up and move them around.

Millions of people use them without being able to move them around in the way you describe.

reply
upvoteby simoncion15 hours ago|
parent|
[-]
> You can't copy them out on at least the iOS, Android, and (to my knowledge) Windows default implementations.

Pardon? The official support docs disagree with you [0][1][2]. They absolutely leave the device.

Other passkey managers let them leave the device in a way that you control, but even the default ones copy them off the system they were created on.

[0] <https://support.google.com/accounts/answer/6197437?hl=en&co=...>

[1] <https://support.apple.com/guide/iphone/passwords-devices-iph...>

[2] Examine the "Can I use passkeys across multiple devices?" Q and its A here: <https://support.microsoft.com/en-us/windows/passkeys-frequen...>

reply
upvoteby lxgr15 hours ago|
parent|
[-]
Yes, they're synchronized, but I wouldn't call that "copying them out", as that to me implies somehow getting access to the raw private key or root secret bytes.

Both Apple and Google have pretty elaborate ceremonies for adding a new device to an existing account in a way that synchronizes over passkeys.

reply
upvoteby simoncion15 hours ago|
parent|
[-]
> ...as that to me implies somehow getting access to the raw private key or root secret bytes.

When passkeys were first introduced, they were 100% stuck to the device that they were created. There was absolutely no real way to copy them off. This is when proponents were -correctly- making the claim that they were immune to phishing.

When lots of users (who -notably- were not supported by whole-ass IT departments who set up and run systems that handle provisioning and enrolling new devices) started using passkeys, the correctness of the thing that many non-boosters were screaming ("You have to have a way to back these up and move them between devices!") became abundantly clear. Passkeys became something that could be copied off of devices, and proponents -correctly- switched to the claim "Passkeys are phishing resistant".

Once things switched around so that passkeys were no longer stuck on a single device, third-party managers got the ability to manage and copy passkeys. [0]

Hopefully it's now clear that the shift from "they never leave the device" to "they do leave the device" (and the consequences of this change) is what I'm talking about.

[0] At least, they will for the next five, ten years until the big players decide that it's okay to use attestation to lock them out to "enhance security".

reply
upvoteby Terr_7 hours ago|
parent|
[-]
It sounds like part of the problem is that two rather separate standards of "phishing" are getting conflated:

1. "Hi, I'm your bank, log in just like you normally do." (Passkeys immune.)

2. "Hi, I'm your bank, do something strange I've never ever asked you to do before by uploading some special files or running this sketchy program." (Passkeys just resist.)

The problem with the expansive definition is it basically starts to encompass every kind of trick or social-engineering ever.

reply
upvoteby red_admiral15 hours ago|
prev|
next
[-]
They're more accessible to people who don't understand computer security?
reply
upvoteby UltraSane5 hours ago|
prev|
[-]
The main advantage is how strictly limited export of the passkey secret is. It is very unlikely for it to ever be phished or copied.
reply