I haven't really followed infosec in a long time, and when I'm wearing my end user hat, passkeys just seem to translate to biometrics. I realize this is probably a reductive abstraction, but does an end user really benefit from a deeper understanding? As long as this abstraction isn't totally delulo I can live with it.
Kingsley Joseph On Mon, Aug 4, 2025 at 9:31 AM Ameya Nagarajan via Silklist < [email protected]> wrote: > I toyed with passkeys briefly, and then asked all my digisec friends in > our vast signal group if I should bother when I have randomized 20 char > passwords in bitwarden and a Titan key for all important logins and got so > many differing opinions I decided I would wait till there was consensus. > I still can't see how they are different from passwords... But I also > haven't had the time to read those nice links, so let me do that and return > if I still can't get it. > > > Cordially, > Ameya Nagarajan > (she/her) > > <http://www.linkedin.com/in/ameyann> > > > > > > On Fri, 1 Aug 2025 at 11:00, Sriram Karra via Silklist < > [email protected]> wrote: > >> On Thu, 31 Jul 2025, 20:36 Udhay Shankar N via Silklist, < >> [email protected]> wrote: >> >>> >> E.g, with my google account, after adding a passkey, for some reason the >>> pre-existing hardware token based 2FA (yubikey) stopped working. >>> >> >> That is definitely not expected behaviour. I will ping you off list. >> >> -Karra >> -- >> Silklist mailing list >> [email protected] >> https://mailman.panix.com/listinfo.cgi/silklist >> > -- > Silklist mailing list > [email protected] > https://mailman.panix.com/listinfo.cgi/silklist >
-- Silklist mailing list [email protected] https://mailman.panix.com/listinfo.cgi/silklist
