• kevincox
    link
    fedilink
    arrow-up
    2
    ·
    7 months ago

    But… PAKE is used as a method for ongoing exchange of messages

    I don’t know what you mean.

    In really don’t see it that complex, in my last job IT installed a passkey in my laptop

    They can also install a randomly generated password just as easily.

    Sending passwords is insecure because if an attacker gets the password, you lost

    That is why you use a PAKE, you don’t send the password.

    Old people won’t adopt it unless forced

    They also won’t adopt passkeys unless forced. What is the difference?