Passkey is some sort of specific unique key to a device allowing to use a pin on a device instead of the password. But which won’t work on another device.

Now I don’t know if that key can be stolen or not, or if it’s really more secure or not, as people have really unsecure pins.

  • Nolegjoe@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    If that’s the case, then a bad actor could spam someone’s phone with notifications. All they’d need is a username.

    Or, like my mum, you don’t read what the notification says and just hit ‘OK’. Now you’ve let someone into your account without realising

    • a_fancy_kiwi@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Shit. Good point. According to this blog at 1Password, Bluetooth can be used to have one device verify another for a service. So I guess if the public device has Bluetooth, it’s possible 🤷‍♂️

      • Natanael@slrpnk.net
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        There’s more ways such as scanning a Qr code to establish a connection from the app to the computer, or by presenting a number on one device which must be entered on the other