I'm really not knowledgeable about these new passkey systems.
If I switch to this sort of system, does that mean that I won't be able to check email using the library computers any more? I am required to use the same hardware each time, and that hardware must have its own internet access, correct?
Or is there a USB-based solution I can plug into the library computer to authorize my login? But I won't be able to download anything on the library computer....
My contingency planning for "house catches on fire and I have to leave in my underwear" or "on holiday and someone steals my stuff" currently depends on being able to log in to my account via someone else's device to send email or to chat.
In a future passkey system, if someone grabs your phone when you are visiting Amsterdam, throws it into a canal, and runs away, what do you do to recover? How do you log in to your email to get a copy of the ticket to print out using a hotel computer?
Because I can totally see griefers doing that. Your (used) phone might have a material cost of $400, while the economic impact it has on you is far higher.
You can store passkeys directly in Proton Pass and access them via mobile or desktop (which doesn't require additional hardware).
You can also keep a backup on a Yubikey as a webauthn passkey, protected with a pin which will self destruct after enough failed attempts.
A passkey is a cryptographic key pair that stores a private key pair (encrypted) in password manager/server or on a Yubikey etc..) and a public key that is stored on the originating service.
Right, but my question was how to handle the "oh shit!" case where you need to start from scratch, like getting your things stolen when in another country.
Today I can connect to my email server using a library computer (or hotel guest computer, or rental business desk), log in with my password, and be able to contact someone who can help, or download a copy of the ticket for printout.
If I switch to passkeys, will this recovery method still work? Do I keep a Yubikey on a keychain? And USB A/C adapter?
Proton Pass seems to require installing something on the machine, which would seem to reduce the number of options I have.
That requires being able to plug in your device, right?
How many such keys are needed? I'm guessing about 5? Give a couple to trusted friends, in case my residence burns down, keep one with me, and two at home as backup, because I know I'll lose things?
How often should I verify they still work? (Backups don't exist until you've restored, so I assume the same applies here?)
Everything I see about passkeys makes me think the failure mode can be more tragic than using passwords, and the use case is for people willing to trust Apple or Google.
I think I'm willing to trust Proton - for one, they support deGoogled Android - but I don't understand the risks in switching, or what backup practices I need.
If I switch to this sort of system, does that mean that I won't be able to check email using the library computers any more? I am required to use the same hardware each time, and that hardware must have its own internet access, correct?
Or is there a USB-based solution I can plug into the library computer to authorize my login? But I won't be able to download anything on the library computer....
My contingency planning for "house catches on fire and I have to leave in my underwear" or "on holiday and someone steals my stuff" currently depends on being able to log in to my account via someone else's device to send email or to chat.
In a future passkey system, if someone grabs your phone when you are visiting Amsterdam, throws it into a canal, and runs away, what do you do to recover? How do you log in to your email to get a copy of the ticket to print out using a hotel computer?
Because I can totally see griefers doing that. Your (used) phone might have a material cost of $400, while the economic impact it has on you is far higher.