by lll-o-lll 543 days ago
It’s that, except the OS manages the private key (in a “secure enclave”). So you, the user (or malware), never get access to the private key.

The second crucial part is that these private keys are cloud synced. This means that the average Joe doesn’t lose their passkeys when they lose their phone. Get a new phone, and it will sync your passkeys and you are back. For people in the Apple ecosystem, it really is a straight upgrade over passwords.

Where it sucks:

- I’m not comfortable trusting a big vendor with the keys to my digital life

- I only have one device, so when I lose that device I’m locked out till I get another

- I want to use my own password manager to handle passkeys

- I am in multiple big vendor ecosystems

- I want to export these private keys (this one is sort of coming, the standard has been defined to allow export and import, but again in such a way that the user (or malware) cannot access these private keys)

1 comment

Thanks for the explanation, it was very clear. Especially the bit about never being able to see your own private key. Ok, I get it, it's to prevent malware from doing the same, but it's still vaguely distasteful.