Can any #ITSecurity folks point me to some useful resources on how #passkey actually works?
There are plenty of guides on how to use it, usually with a focus on one particular platform, but I can find very little implications on how it works or the implications of using it, other than broad, unqualified promises that it's safer and better.
=> More informations about this toot | More toots from growlph@greywolf.social
Okay, I thought I understood this, but then tried doing the demo on my iPhone and instead of creating a new passkey my iPhone gives me a QR code and asks me to take a picture of my iPhone with another iPhone and I'm back to being confused.
=> More informations about this toot | More toots from growlph@greywolf.social
Okay, apparently this was me forgetting I'd disabled Apple's built in password manager, meaning I had zero valid passkey providers on my phone, and it was (confusingly, but usefully) offering to hand-off the challenge to another device. Neat.
=> More informations about this toot | More toots from growlph@greywolf.social This content has been proxied by September (ba2dc).Proxy Information
text/gemini