[konha]

> Copy and paste and externally using any devices to connect with the system is prohibited.

Like a keyboard? In which case: How do you enter your password?

Is that a common scenario? Where you can use a (presumably) usb attached keyboard but you cannot insert your security key?

[hedora]

Air-gapping the machine running a web browser from the machine that stores your passwords seems completely reasonable to me.

So does preventing people from plugging random USB devices into shared machines.

[konha]

Passkeys have a fallback flow where they show a qr code you can scan from the screen of the device you want to log in to. Requires bluetooth though to prove you are "near" the device. I guess that's also disabled on these hypothetical locked down devices?

[hedora]

I can't imagine that working correctly on a machine at a library.

Also, connecting via bluetooth defeats the purpose of air-gapping.

[keep_reading]

And yet all the non-technical folks you give this advice to will look at you like you have two heads. This is completely unreasonable unrealistic user-unfriendly advice

[hedora]

Many people use shared computers at our local library. I can afford a nice quiet office and big monitor at home, but many people cannot.

I imagine they either memorized their passwords, wrote them on a piece of paper, or stored them on an (air gapped from the library machine) cell phone.

[echohack5]

There is a keyboard and mouse attached to the server already, but few if any services run, and if they do they're fairly locked down, or in some degraded state.

It's not a server I need to access often in this way. But I think these necessary-but-limited-use scenarios will be interesting should passkeys really catch on like passwords did.

[JohnFen]

> Is that a common scenario? Where you can use a (presumably) usb attached keyboard but you cannot insert your security key?

I don't know how common it is, but this is the exact issue that makes passkeys a nonstarter for me.