“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.

  • @[email protected]
    link
    fedilink
    English
    231 month ago

    When a website gets hacked they only find public keys, which are useless without the private keys.

    Private keys stored on a password manager are still more secure, as those services are (hopefully!) designed with security in mind from the beginning.

    • @[email protected]
      link
      fedilink
      English
      41 month ago

      If a website with old-school passwords gets hacked, the hacker only gets salted hashes of passwords - this does not seem to be much worse?

      (Websites that store plaintext passwords surely won’t implement passkeys either…)