• someone [comrade/them, they/them]@hexbear.net
      link
      fedilink
      English
      arrow-up
      10
      ·
      9 months ago

      Because it’s just a glorified password manager. But instead of your master password being kept securely in your head, your master password is now in the hands of Google or Apple or Microsoft.

      • blobjim [he/him]@hexbear.net
        link
        fedilink
        English
        arrow-up
        10
        ·
        edit-2
        9 months ago

        KeePassXC just today released support for storing passkeys in your own keepass database file. And they’re not just “glorified passwords”. They’re private keys that use challenge-response authentication so they’re never actually sent over the network. Harder to compromise.

        Using passkeys with some kind of personal database is ultimately an objective improvement over hodge podge username and password mechanisms, so they’re only going to continue being adopted further.

        The only case they don’t really work for is when you want to log in to a computer that doesn’t have access to your passkeys.