“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.

  • 4am@lemm.ee
    link
    fedilink
    English
    arrow-up
    24
    ·
    3 months ago

    When a website gets hacked they only find public keys, which are useless without the private keys.

    Private keys stored on a password manager are still more secure, as those services are (hopefully!) designed with security in mind from the beginning.

    • weststadtgesicht@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      4
      ·
      2 months ago

      If a website with old-school passwords gets hacked, the hacker only gets salted hashes of passwords - this does not seem to be much worse?

      (Websites that store plaintext passwords surely won’t implement passkeys either…)