• Big Tech has implemented passkeys in a way that locks users into their platforms rather than providing universal security
  • Passkeys were developed to replace passwords for better account security, but their rollout by Apple and Google has limited their potential
  • Proton Pass offers passkeys that are universal, easy to use, and available to everyone for improved online security and privacy.
  • CriticalMiss@lemmy.world
    link
    fedilink
    English
    arrow-up
    50
    ·
    7 months ago

    When vaultwarden supports this I’ll play ball. If I don’t have control over my authentication methods, then they aren’t my authentication methods.

    • cooopsspace@infosec.pub
      link
      fedilink
      English
      arrow-up
      15
      arrow-down
      7
      ·
      edit-2
      7 months ago

      Do you really think it’s a good idea to store your password, TOTP and pass key in one place?

      • hydration9806@lemmy.ml
        link
        fedilink
        English
        arrow-up
        15
        arrow-down
        1
        ·
        7 months ago

        Yes, as long as that place is only accessible by a physical passkey (such as a Yubikey). The risk is miniscule and the convenience is 100% worth it.

        • cooopsspace@infosec.pub
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          1
          ·
          7 months ago

          I’m actually not sold that I should be putting all my keys in a single password manager like Bitwarden.

        • Reddfugee42@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          1
          ·
          7 months ago

          Treating social media accounts as irrelevant is fine as long as none of your real life friends associate with you on the same platform. Once that’s the case, scammers can take over your platform and send messages to your friends telling them you’re stuck and need money or other sorts of things that sound ridiculous but work all the time.

          • DreamlandLividity@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            7 months ago

            I am not treating them as irrelevant, hence a password manager. But I am not treating it as fort knox. Most of my real-life friends probably don’t even go that far.

      • EngineerGaming
        link
        fedilink
        English
        arrow-up
        1
        ·
        7 months ago

        I personally settled on having TOTP in the same application but in a different database.

    • bitwolf@lemmy.one
      link
      fedilink
      English
      arrow-up
      3
      ·
      7 months ago

      Vaultwarden has supported pass keys for a while. The client app does all the hard work in this pattern.