A new login technique is becoming available in 2023: the passkey. The passkey promises to solve phishing and prevent password reuse. But lots of smart and security-oriented folks are confused about what exactly a passkey is. There’s a good reason for that. A passkey is in some sense one of two (or three) different things, depending on how it’s stored.
    • lemmyvore@feddit.nlEnglish
      9·
      2 years ago

      If they get your password they can impersonate you to the server. They can’t do that with just the public key part of your passkey.