“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.

You are viewing a single thread.
View all comments View context
11 points

That’s a great way to lose access if your device gets lost, stolen, or destroyed. Which is why I’m against and will continue to be against forcing 2FA and MFA solutions onto people. I don’t want this, services don’t care if we’re locked out which is why they’re happy to force this shit onto people.

permalink
report
parent
reply
4 points

Well yeah, that is true. Security and convenience are usually at odds… MFA has place, unless you don’t mind some guy from russia access your online bank account ; but I definitely wouldn’t use it on all my accounts.

permalink
report
parent
reply
4 points

Yeah and since Online bank accounts can also almost always be reset if you lose the 2FA/MFA key by calling customer support, or going to your bank and speaking with themt in person, there’s almost no risk of losing access completely. It’s a service you have access to because you’re you. Something that isn’t the case with Reddit, Github, Lemmy accounts, or Masotodon. I’m not able to regain access after losing those 2FA solutions by virtue of being myself, they treat you just like the attacker in those cases. Really not worth it there, both since what is being protected isn’t worth it, and the risk far outweighs it.

permalink
report
parent
reply

Access to my main email account (outlook) is currently blocked because someone decided to try a password from some earlier leak and locked it. It can only be unlocked with SMS MFA, which I can’t use because I’m travelling abroad. There is no other way to do it. The other option they give you a form that only works if you don’t have MFA set up (it says so on the faq). I even asked someone to fill the form from my home computer so the location data matches earlier accesses, but didn’t work. You also can’t contact support without logging in. If I had lost/changed that phone number for any reason, I would lose access forever. Luckily I will be back home soon.

permalink
report
parent
reply
2 points

In case the device gets lost/stolen, you should have a backup of the database that contained the passkeys. That’s why I would be only using the implementations that allow doing that easily.

permalink
report
parent
reply

Technology

!technology@lemmy.world

Create post

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


Community stats

  • 15K

    Monthly active users

  • 6.7K

    Posts

  • 153K

    Comments