Thanks Chris....So what happens if you loose the USB key... ot you want to log into multiple devices simutainiouly...you go back to a password? Suppose you are using enryption and you loose the key are you permentaly locked out? The reason keys have been slow to be accepted is because nobody understands them and users feel uncomfortable using them ________________________________ From: Hardware <[email protected]> on behalf of Christopher Fisk <[email protected]> Sent: Thursday, October 9, 2025 7:46 AM To: [email protected] <[email protected]> Subject: Re: [H] Passkeys and login security?
Passkeys are a type of Multi-factor Authentication. MFA as you know is: - Something you know - Like a password, or a memorized PIN. - Something you have - Like a smartphone, or a secure USB key. - Something you are - Like a fingerprint, or facial recognition. Passkeys allow you to setup your smartphone or computer as a "Something you have". In this case, the computer itself. Unlocking your account with a password or a pin is a "Something you know", and using faceid or similar is the "Something you are" part. With google passkey, you're just moving the "Something you have" from your smartphone's Authenticator App, to your computer's physical hardware. This is why you should never create a passkey on a computer you don't own. Even if you log out of a computer, that passkey will stay on that computer and can be used to access your account. On Thu, Oct 9, 2025 at 12:03 AM _ Winterlight <[email protected]> wrote: > I am just as confused as you are. I bought a google passkey to use with my > Chromebook but I have the same concerns you articulated. Any article I read > about this they don't really explain it in depth. It is as if they think > everybody has a laptop and a phone and that's it. And If someone gets ahold > of your passkey does that mean they have access to any of your devicses. > How secrure it that! > ________________________________ > From: Hardware <[email protected]> on behalf of > Bino Gopal <[email protected]> > Sent: Monday, September 29, 2025 10:54 AM > To: [email protected] <[email protected]> > Subject: [H] Passkeys and login security? > > So I've been getting prompts for passkeys for a while now, and finally > gave in and set up a couple and stored them in 1Password... > > Question is tho, has anyone found a way to set up one passkey that syncs > across all your devices, as normally it's device dependent? > > Also, what about when you want to log in to an account for a new computer, > or a friend's computer, or a friend's phone, or a public terminal or when > you're traveling...? You still need the password in that case-if you're > not using your own mobile device, no? So it's not like you can turn > password access off unless you assume you'll never need to do that, no? > > And I still have MFA set up on those accounts, so how is it any better to > use passkeys, especially if I use an app-and not SMS/email for the MFA? > > Isn't password with MFA (especially if I need a physical Yubikey for > access) better than even passkeys and more useable in more instances? > > Thoughts? > > > BINO >
