Passkeys replace passwords with encrypted key pairs that can’t be phished or leaked. Learn how FIDO2 and WebAuthn work, their pros and flaws.

Passkeys are built on the FIDO2 standard (CTAP2 + WebAuthn standards). They remove the shared secret, stop phishing at the source, and make credential-stuffing useless.

But adoption is still low, and interoperability between Apple, Google, and Microsoft isn’t seamless.

I broke down how passkeys work, their strengths, and what’s still missing

  • Netrunner@programming.devEnglish
    6·
    4 months ago

    Passkeys are cool but you still need 2fa. Which may as well be a passkey itself.

    One factor is not great even if it’s a passkey.

    • saltesc@lemmy.worldEnglish
      5·
      4 months ago
      1. Built-In Two-Factor Security – Passkey logins use your private key stored on your device and your face or your fingerprint or your PIN. Unlike password, these cannot be easily replicated by a scammer.