- cross-posted to:
- wired@rss.ponder.cat
- cross-posted to:
- wired@rss.ponder.cat
“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.
I remember when Microsoft made a big deal about this on Windows and then their “implementation” was making the local signon a number PIN.
And not a proper separate auth operation lol. You either set up almost everything with the PIN or use a regular password, not both. Makes it useless on enterprise.
Realistically we should all be using a key/pass vault since that would make using passkeys much easier, but that’s too complicated for the internet in
20042024.If it were me, I’d just issue everyone a yubikey.
What separate auth operation is needed besides authenticating with the local device to unlock a passkey?