Hacker News new | ask | show | jobs
by mplewis 976 days ago
Because passkeys are supposed to be a bit more secure than plaintext passwords.
3 comments
wutwutwat 976 days ago
Passkeys are supposed to eliminate the need for companies to store a password so we no longer have to deal with the fallout of 40 breaches a year. In order to export passkeys it has to be in plaintext at some point, even if encrypted once again into the export file. Point is, one of the huge selling points of pushing people to use passkeys is the portability and lack of vendor lock in yet here we are with choices that are all currently vendor lock in.
link
hedora 976 days ago
Computer security is generally defined as Confidentiality, Integrity and Availability.

Not “or”. Passcodes don’t provide availability, so they are not providing security.

This is undergrad-level stuff.

link
afiori 976 days ago
This sounds a bit like "a turned off computer is the only secure computer"
link