• MoogleMaestro@lemmy.zip
    link
    fedilink
    English
    arrow-up
    8
    arrow-down
    1
    ·
    1 month ago

    The problem with PassKey is simply that they made it way more complicated.

    Anyone who has worked with SSH keys knows how this should work, but instead companies like Google wanted to ensure they had control of the process so they proceeded to make it 50x more complicated and require a network connection. I mean, ok, but I’m not going to do that lmao.

    • Sl00k@programming.dev
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      2
      ·
      1 month ago

      Would love for you to describe exactly how it’s more complicated. From my perspective I click a single button and it’s set up. To log in I get a notification on my device, I click a button and I’m logged in.

      • corsicanguppy@lemmy.ca
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        2
        ·
        1 month ago

        Would love for you to describe exactly how it’s more complicated.

        YOU JUST DID, below

        From my perspective

        neat.

        I click a single button

        … on your device tethered to a single app by a single vendor and their closed data store

        and it’s set up.

        … and tethered to prevent you from churning.

        To log in I

        … wait online to …

        get a notification on my device,

        … or send it again. Or again. Try again. Maybe mail it?

        I click a button and I’m logged in.

        Yeah. Just click (tap) a button (enter a code).

        Using a big-brand MFA setup at one job that requires ‘one button’ and ‘get a notification’ and ‘click a button’, I know you’re glossing over the network issues HEAV-I-LY.

        Now do it in airplane mode. Do it when the token organization is offline. Do it when there’s no power because the hurricane hit and there’s no cell, no data, no phones, and your DC is on its last hour of battery and you have to log in because the failover didn’t run.

        Do it when your phone fell on its face in the rain into a puddle and it’s not nokia.

        Do it when you either have cell service and 5% battery, or 100% battery from inside the DC and no cell service.

        Do it when you’re tired, hungry, drunk, lost your glasses in the car accident.

        The D in DR means DISASTER. Consider it.

        • linearchaos@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 month ago

          For somebody complaining about making things complicated you certainly complicated the s*** out of a short post.

          Storing your passkey in any of the shared password managers solves almost every problem you’ve listed.

          With bitwarden and I have offline access to my passkey. I don’t know why the hell you’d need offline access to your pass key because they’re designed to protect online systems, But it could if I wanted it to.

          With Bitwarden I can use my phone, or I can use my browser, or any one of four other browsers, or any other computer.

          If I need to reset one of my pass keys I reset it in one place and it gets reset everywhere.