by bshacklett
978 days ago
The _full_ quote says: “That is a risk you’ll need to take if you’re using hardware authenticators. The fact that the key isn’t copiable means you only have one of it, so you should probably be enrolling multiple hardware authenticators on each account, or just switching to a software authenticator if you don’t care about the decreased security.”
Software authentication with backup and synchronization is how passkeys are being shown to end users on two of the biggest platforms. For Apple, this is iCloud. For Android, it’s Google Play services. Add to that the fact that 2FA tokens are very often tied to a particular phone, and there’s very little difference between a passkey and the current system of passwords + 2FA, except that passkeys are currently far more resistant to phishing.
Certainly it’s far from perfect, but for the majority of everyday users out there, this is a huge potential leap in preventing phishing attacks, which _are_ a real (and growing) threat. Rather than just throwing the technology out, perhaps we, as well-informed people, should be looking for solutions to the problem of bootstrapping and recovery, rather than just throwing out the first technology that has a real chance at fixing this problem.