1. Forum
  2. Usenet
  3. COMP.SYS.MAC.SYSTEM

  • Passkeys - transition

    From Alan Browne@21:1/5 to All on Thu Jan 18 09:26:41 2024
    XPost: misc.phone.mobile.iphone

    Starting to look at passkeys and have used the demo at
    https://www.passkeys.io/

    Haven't committed whole hog to it yet but will transition during 2024.
    This is a part of my "abandoning the assholes of the rental software
    economy", to whit: agilebits (1Password).

    While passkeys don't absolutely replace passwords they do replace the
    use of them. Thus, if one loses all of his devices (a house fire, for example), the ability to log into, eg, Apple, provides for the recovery
    of the passkey private/public keys. So - still need to remember ones
    AppleID password.

    (If that para seems bizarre, do note that passkeys is device oriented
    and assumes only the proper owner of the device can open the device
    based on biometrics, device specific password or PIN. So if one lost
    all of their devices they would be locked out of their accounts - in the
    case of Apple (and presumably others), the private/public key pair are encrypted and saved with your AppleID).

    A "cool" thing about it: I set up a passkey for the site above from my
    Mac, and the private key was wrapped and securely shared with my other
    devices. Thus, just using Face ID on my iPhone I could log in. Yeah,
    that Apple Country Club experience. (Not sure how this is implemented
    if one is Windows or Google "oriented", but there is surely a similar mechanism).

    Curious to know if others have begun using passkeys and with which sites.

    <re-post - 1st try seems to have been lost>

    --
    โ€œMarkets can remain irrational longer than your can remain solvent.โ€
    - John Maynard Keynes.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Jolly Roger@21:1/5 to Alan Browne on Fri Jan 19 01:22:06 2024
    XPost: misc.phone.mobile.iphone

    On 2024-01-18, Alan Browne <bitbucket@blackhole.com> wrote:

    Starting to look at passkeys and have used the demo at https://www.passkeys.io/

    Haven't committed whole hog to it yet but will transition during 2024.
    This is a part of my "abandoning the assholes of the rental software economy", to whit: agilebits (1Password).

    While passkeys don't absolutely replace passwords they do replace the
    use of them. Thus, if one loses all of his devices (a house fire, for example), the ability to log into, eg, Apple, provides for the
    recovery of the passkey private/public keys. So - still need to
    remember ones AppleID password.

    (If that para seems bizarre, do note that passkeys is device oriented
    and assumes only the proper owner of the device can open the device
    based on biometrics, device specific password or PIN. So if one lost
    all of their devices they would be locked out of their accounts - in
    the case of Apple (and presumably others), the private/public key pair
    are encrypted and saved with your AppleID).

    A "cool" thing about it: I set up a passkey for the site above from my
    Mac, and the private key was wrapped and securely shared with my other devices. Thus, just using Face ID on my iPhone I could log in. Yeah,
    that Apple Country Club experience. (Not sure how this is implemented
    if one is Windows or Google "oriented", but there is surely a similar mechanism).

    Curious to know if others have begun using passkeys and with which
    sites.

    I've meaning to get round to doing this. Happy to learn from your
    experience in the mean time. ๐Ÿ™‚๐Ÿ‘๐Ÿผ

    --
    E-mail sent to this address may be devoured by my ravenous SPAM filter.
    I often ignore posts from Google. Use a real news client instead.

    JR

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Alan Browne@21:1/5 to Jolly Roger on Fri Jan 19 10:56:40 2024
    XPost: misc.phone.mobile.iphone

    On 2024-01-18 20:22, Jolly Roger wrote:
    On 2024-01-18, Alan Browne <bitbucket@blackhole.com> wrote:

    Starting to look at passkeys and have used the demo at
    https://www.passkeys.io/

    Haven't committed whole hog to it yet but will transition during 2024.
    This is a part of my "abandoning the assholes of the rental software
    economy", to whit: agilebits (1Password).

    While passkeys don't absolutely replace passwords they do replace the
    use of them. Thus, if one loses all of his devices (a house fire, for
    example), the ability to log into, eg, Apple, provides for the
    recovery of the passkey private/public keys. So - still need to
    remember ones AppleID password.

    (If that para seems bizarre, do note that passkeys is device oriented
    and assumes only the proper owner of the device can open the device
    based on biometrics, device specific password or PIN. So if one lost
    all of their devices they would be locked out of their accounts - in
    the case of Apple (and presumably others), the private/public key pair
    are encrypted and saved with your AppleID).

    A "cool" thing about it: I set up a passkey for the site above from my
    Mac, and the private key was wrapped and securely shared with my other
    devices. Thus, just using Face ID on my iPhone I could log in. Yeah,
    that Apple Country Club experience. (Not sure how this is implemented
    if one is Windows or Google "oriented", but there is surely a similar
    mechanism).

    Curious to know if others have begun using passkeys and with which
    sites.

    I've meaning to get round to doing this. Happy to learn from your
    experience in the mean time. ๐Ÿ™‚๐Ÿ‘๐Ÿผ

    Not a whole lot to say, so far.

    - Amazon, works (Safari, Chrome / Mac, iPhone) - can turn off 2FA (need
    to do this one-by-one for each browser, alas).

    - Apple, doesn't work (as a sign in on the Apple sites (ID, Store)) but
    it is set up for that eventuality if it occurs. OTOH, my Apple ID's
    keychain is the repository for the Passkeys, so it's propagated
    (securely) to my other devices.

    - GitHub

    - test site as mentioned

    - My banks don't support Passkeys (yet?)

    And of course since I use Passwords on my Mac, when I log into a known
    site I get a prompt to use Passwords for the account username which of
    course supplies (also) the site password. Sort of end-running the
    purpose of Passkeys.

    So - until this is all "burned in" as to habits, it's not paying off in
    any great way (other than turning off 2FA on Amazon).

    Not that many sites on board, alas: https://www.passkeys.io/who-supports-passkeys

    Offhand, people with a "password habit" are going to find transitioning
    a little tedious as each site needs to be visited to set up the passkey,
    which means (of course) using the current password (of course).

    This isn't a sprint.
    It's no marathon.
    A walk would be faster.
    ... crawl on...

    --
    โ€œMarkets can remain irrational longer than your can remain solvent.โ€
    - John Maynard Keynes.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)