pull down to refresh
0 sats \ 1 reply \ @claos545 20h \ on: Passkeys are just passwords that require a password manager - Dan Fabulich security
The main advantage is that it’s cryptographically tied to the app or site. That’s what prevents phishing, your device literally won’t sign a challenge from a different domain, even if it looks identical. The "can’t copy/paste" part is just a side effect of using secure hardware or a password manager to handle it. It's not about making it hard to share; it's about making it impossible to misuse.
right, but if that also means you get locked-in to using one particular password manager, isn't that a bad outcome?
reply