this post was submitted on 11 Oct 2023
-25 points (14.3% liked)

[–] vzq@lemmy.blahaj.zone 33 points 1 year ago* (last edited 1 year ago)

It’s passkeys. Saved you a click.

And yes, this is a pretty good idea.

I’ve given up on remembering unique passwords years ago. My passwords are basically opaque tokens that I store in an application I trust. Passkeys are basically this concept taken to a logical conclusion.

[–] bloopernova@programming.dev 9 points 1 year ago* (last edited 1 year ago) (2 children)

If anyone here does start using passkeys, just please please please make sure you have backups. And test that you can restore from those backups!

I've read horror stories about losing or breaking a phone and being locked out of everything because the standard phone backups don't save the passkeys' private keys.

Personally I'm waiting until Bitwarden supports passkeys and I've made damn sure I can restore them from backup.

[–] vzq@lemmy.blahaj.zone 10 points 1 year ago* (last edited 1 year ago)

That’s not how passkeys work. You still have the usual Google account recovery flow.

Just make sure you have some 2FA backup codes stuffed into a sock drawer somewhere, that your email address and telephone numbers are up to date and you should be ok.

[–] Polar@lemmy.ca 4 points 1 year ago

> I’ve read horror stories about losing or breaking a phone and being locked out of everything because the standard phone backups don’t save the passkeys private keys.

This is no different than what we already have. Many people don't back up their TOTP to any cloud provider, or even themselves, and if their phone breaks, they lose all of their TOTP. And most people don't save recovery keys (if the service even provides them).

So ya. Stop fear mongering.

[–] FauxPseudo@lemmy.world 6 points 1 year ago

Download for uninformative clickbait headline.

[–] Hamartiogonic@sopuli.xyz 4 points 1 year ago (1 children)

Ok, but can I generate a new passkey with the same fingerprint? I’m pretty sure that eventually someone will find an exploit that allows them to steal your keys, so you need to make the old keys invalid by generating new ones.

[–] vzq@lemmy.blahaj.zone 3 points 1 year ago (1 children)

You make a separate passkey per Authenticator device or application.

Passkeys are not necessarily tied to biometrics unless the Authenticator application/device is configured to do that.

[–] Hamartiogonic@sopuli.xyz 1 points 1 year ago

Ok, that’s great. Seems like a fairly secure option, so I don’t see any major problems with it.