“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.

  • 4am@lemm.ee
    link
    fedilink
    English
    arrow-up
    11
    ·
    1 month ago

    With passkeys you never need to worry about the storage method used by the site. Some sites STILL store passwords in plaintext. When that database gets hacked, it’s game over.

    A public passkey, even stored in plaintext, is useless to an attacker.

    Maybe that doesn’t matter for you or me, with our 64-character randomly generated passwords unique to each service, but the bigger picture is that most people just use the same password everywhere. This is how identity theft happens.