Difference between revisions of "Passkey"
(→Portability) |
(→References) |
||
| Line 25: | Line 25: | ||
==References== | ==References== | ||
| + | <references /> | ||
| + | ===Other Material=== | ||
| + | * For a more generic solutions check out this wiki page: [[Vendor Relationship Manager]], | ||
| + | |||
[[Category: Authentication]] | [[Category: Authentication]] | ||
[[Category: Factor]] | [[Category: Factor]] | ||
Revision as of 12:44, 27 April 2024
Contents
Full Title or Meme
As the name Passkey suggests, it requires dual verification of an account before someone can sign-in to that account.
Context
With Passkeys there’s a subtle difference to FIDO 2.0 as it surrounds a multi-device Fast Identity Authentication with another protocol. Passkey uses a notification, which is generally sent to an individual’s smartphone during a log-in process and lets them authenticate their credentials. Often, this is done using a PIN or biometric process and thereby removes the need for conventional letter and number combination passwords.[1]
Features
- Passkeys can be synced between devices where enabled by the device. This feature can be blocked by using device-bound Passkeys.
- The user must unlock the passkey on the device before it is used. Typically a Biometric Factor or pin is used.
Problems
- I Stopped Using Passwords. It’s Great—and a Total Mess Wired 2024-02
+ The credentials created by a web connected user on a browser are completely useless when the underlying protocol insistes on some complex format like SD-JWT.
Acceptance
- Passkeys support by both Apple and Google. See the website for details.
- By the end of 2023 it looks like more people are using passkeys than expected.[2]
1Password experienced a particular spike in October 2023, correlating with big companies like Amazon and WhatsApp rolling out their support for passkeys during this month, with over 70,000 created between October 16-22 alone.
Portability
Vendor Relationship Management (via Doc Searls) is coming true but it is fully hidden behind terms like:
- Password Management,
- Credential Management,
- Portable Passkeys.
But the point is that a human being can move their access and metadata about the sites that they visit as a part of their daily life. I hope it works out! I hope they make the result extensible. See this video clip from Rew Isalm and Nick Steele.
References
- ↑ FIDO Passkeys - Accelerating the Availability of Simpler, Stronger Passwordless Sign-Ins https://fidoalliance.org/passkeys/
- ↑ Lewis Maddison, Looks like more people are using passkeys than expected 1Password sees passkeys exceed 700k (2023-12-21) https://www.techradar.com/pro/security/looks-like-more-people-are-using-passkeys-than-expected
Other Material
- For a more generic solutions check out this wiki page: Vendor Relationship Manager,
