Hacker News
by AJRF 344 days ago
I have a degree in computer science, 10 years' experience in some complicated fields and I can’t figure out PassKeys.

They are woefully designed and implemented, wish we just cut our losses with them and stopped pushing them.

Tuck them away in settings, not on the default login path.

4 comments

I felt the same when implementing OpenID Connect flows according to spec. It uses the browser in creative ways ;) Especially the device flow, absolutely insane complexity for what it is.

They're just public/private keypairs that are generated either by a device (whether it's part of your phone, computer, or hardware key), browser, or password manager. I do agree that it can be a bit of a pain when it comes to multiple managers trying to offer to save/respond to a passkey, but otherwise it's a fairly straightforward exchange.

> They're just public/private keypairs that are generated either by a device (whether it's part of your phone, computer, or hardware key), browser, or password manager

Now imagine saying that sentence to a person outside tech

Why would you give the technical explanation to a person that doesn't want the technical explanation? To the person outside of tech, passkeys are just your phone has a really good password and fills it out for you. Just use that and don't bother having to remember (and forget) another password.
> To the person outside of tech, passkeys are just your phone has a really good password and fills it out for you

Except that is _not_ true, there is an entire thread of people saying they are unintuitive and hard to understand!

A monad is just a monoid in the category of endofunctors, what's the problem? Ape holders can use multiple slurp juices on a single ape, so if you have 1 astro ape and 3 slurp juices you can create 3 new apes.

CVS keeps pushing them for their pharmacy login. So annoying.

Agree. The UI/UX is atrocious at present. The concept has flaws, but IMO it substantively raises the floor security-wise.