16 sats \ 0 replies \ @justin_shocknet 26 Apr freebie \ on: Passkeys: A Shattered Dream security
Apple user, not following best practices, blames protocol, for shitty Apple software simply so they had an opportunity to tell you how cool they are because they use Rust
Authentication always fails in the hands of users... it's not passkey specific.
Hell, even grizzled old Unix admins who's life revolves around SSH and PGP keys haven't come up with any great solutions- and have been at it since at least the 1980's
It's like blaming UX issues on Bitcoin/Nostr, when really that key management sucks and passwords are too insecure to be relied on for anything critical
Personally I've started messing with YubiKeys, they're taking off everywhere that manages critical systems and are the correct way to use Passkeys... but doing what I wanted with it took quite a bit of thought and debugging, there's no way your average user could have done it.
You can have something easy(ish), or something secure(ish). Pick one.