this post was submitted on 20 Oct 2024
626 points (87.4% liked)

Technology

59358 readers
4018 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
L3s@fry.gs
L4s@fry.gs
L4s@lemmy.world
enu@lemmy.world
626
Concerns Raised Over Bitwarden Moving Further Away From Open-Source (www.phoronix.com)
submitted 3 weeks ago by AsudoxDev@programming.dev to c/technology@lemmy.world
203 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] hedgehog@ttrpg.network 8 points 3 weeks ago (9 children)

Do any of the iOS or Android apps support passkeys? I looked into this a couple days ago and didn’t find any that did. (KeePassXC does.)

[–] ilmagico@lemmy.world 2 points 3 weeks ago* (last edited 3 weeks ago) (6 children)

I don't use passkeys so I don't know. Maybe I should research into passkeys, what's the benefit over plain old (long, randomly generated) passwords?

[–] ilmagico@lemmy.world -2 points 3 weeks ago* (last edited 3 weeks ago) (4 children)

Ok, from a quick search, it seems passkeys rely on some trusted entity (your browser, OS, ...) to authenticate you, so, yeah, I'm not sure if I like that. The FIDO alliance website is all about how easy, convenient and secure passkeys are, and nothing about how they actually work under the hood, which is another red flag for me.

I'll stick to old-fashioned, long, secure, randomly generated passwords, thanks.

[–] ilmagico@lemmy.world 1 points 3 weeks ago

I was finally able to find some technical detail on passkeys on FIDO website, and yeah, it actually looks like it's a real improvement over passwords: it's simple, uses proven technology (public/private keys), and should be much more secure than passwords.

Also, nothing in the "specs" says I need to entrust my private key with the OS or a third party, which is good.

That said, it seems some OS support is required nonetheless, to show the pin / biometrics prompt (or is it?), and on android at least, I'd need to buy a new device with Android 14 to use a non-Google passkey provider...

load more comments (3 replies)
load more comments (4 replies)
load more comments (6 replies)