Passkey confusion

Monanore
Monanore Posts: 82 Forumite
10 Posts First Anniversary Name Dropper
Looks like they're going to make our life even more difficult.  Apparently I won't have a password, but an ID tied to a specific device. It can be a PIN.  But I can only use it on one device !  Or I'd have to set up syncing or some such nonsense which I don't understand.  So, suppose I want to do an important transaction on my laptop and the laptop isn't working.  I'm stuffed !

Comments

  • flaneurs_lobster
    flaneurs_lobster Posts: 6,585 Forumite
    Sixth Anniversary 1,000 Posts Photogenic Name Dropper
    Can you be more specific? Who is "they"? Don't think you are quite understanding how passkeys work but tell us which service you are referring to and we might be able to help.

    I'm not aware of any of the major (or any other) service that is insisting that their users switch to passkeys exclusively. They all have more traditional (and less secure) access methods available.
  • DullGreyGuy
    DullGreyGuy Posts: 18,613 Forumite
    10,000 Posts Second Anniversary Name Dropper
    Monanore said:
    Looks like they're going to make our life even more difficult.  Apparently I won't have a password, but an ID tied to a specific device. It can be a PIN.  But I can only use it on one device !  Or I'd have to set up syncing or some such nonsense which I don't understand.  So, suppose I want to do an important transaction on my laptop and the laptop isn't working.  I'm stuffed !
    It's not tied to a specific device but a private key. If you use "syncing or some such nonsense" then the key can replicate across all your devices. 

    For most it's a convenience, and with all you can fall back to using a password etc. if your laptop isn't working and you haven't figured out syncing.
  • Vitor
    Vitor Posts: 659 Forumite
    500 Posts First Anniversary Photogenic Name Dropper
    edited 6 June at 5:06PM
    Passkeys are an alternative, potentially more secure alternative to logging in with passwords which can be keylogged etc., but they don't replace passwords so you can always log in from a new device. NB If you are really concerned about security, the passkey is stored in a USB device such as a Yubikey that is portable between devices.

    Say Goodbye to Passwords: Passkeys Explained Simply
  • PHK
    PHK Posts: 2,294 Forumite
    Eighth Anniversary 1,000 Posts Photogenic Name Dropper
    Monanore said:
    Looks like they're going to make our life even more difficult.  Apparently I won't have a password, but an ID tied to a specific device. It can be a PIN.  But I can only use it on one device !  Or I'd have to set up syncing or some such nonsense which I don't understand.  So, suppose I want to do an important transaction on my laptop and the laptop isn't working.  I'm stuffed !
    The fact that you don't understand it doesn't make it nonsense or your life more difficult. 

    If your laptop wasn't working then you wouldn't be able to use it whether you had a password or passkey. 

    The point with a passkey is you have two things, a device and a key. So even if someone gets your key then it won't work without the device and vice versa. The Key can be biometric, a password or a device like a Yubikey.

    If you want to log in elsewhere then the passkey prompt will still appear on the device. 

    For example, if your phone and fingerprint form the passkey. Suppose you want to log in on a tablet. The tablet will display a QR code, you scan that with your phone, authorise the login with your fingerprint and that logs you in on the tablet. Much more secure and easier to use than a password.
  • Vitor
    Vitor Posts: 659 Forumite
    500 Posts First Anniversary Photogenic Name Dropper
    edited 7 June at 8:35AM
    The Key can be biometric, a password... -

    I think you're conflating 2FA techniques in general and passkeys, the latter are based on public key cryptography

  • Monanore
    Monanore Posts: 82 Forumite
    10 Posts First Anniversary Name Dropper
    Sorry, I was annoyed at reading about passkeys for the first time so I wasn't clear.    It seems that when they are brought in, and tied to a specific device you would not be able to access the same website on a different device.  You would have to set up different passkeys for each website on each device, or get more technical and start getting syncing set up, all wrapped up in Google or whatever - it's all so confusing.  A lot of inconvenience for those who understand and a nightmare for those who don't.  
    And, mark my words, when it's made compulsory ( and it will be ), the scammers will be ahead of it and turn it to their advantage - just like they have done recently with Captcha.  Me? Cynical?

  • km1500
    km1500 Posts: 2,790 Forumite
    1,000 Posts Second Anniversary Name Dropper
    PHK said:
    Monanore said:
    Looks like they're going to make our life even more difficult.  Apparently I won't have a password, but an ID tied to a specific device. It can be a PIN.  But I can only use it on one device !  Or I'd have to set up syncing or some such nonsense which I don't understand.  So, suppose I want to do an important transaction on my laptop and the laptop isn't working.  I'm stuffed !
    The fact that you don't understand it doesn't make it nonsense or your life more difficult. 

    If your laptop wasn't working then you wouldn't be able to use it whether you had a password or passkey. 

    The point with a passkey is you have two things, a device and a key. So even if someone gets your key then it won't work without the device and vice versa. The Key can be biometric, a password or a device like a Yubikey.

    If you want to log in elsewhere then the passkey prompt will still appear on the device. 

    For example, if your phone and fingerprint form the passkey. Suppose you want to log in on a tablet. The tablet will display a QR code, you scan that with your phone, authorise the login with your fingerprint and that logs you in on the tablet. Much more secure and easier to use than a password.
    What happens if your phone is lost or stolen? (genuine question)
  • Vitor
    Vitor Posts: 659 Forumite
    500 Posts First Anniversary Photogenic Name Dropper
    What happens if your phone is lost or stolen?- 

    You log in with your credentials, satisfy the 2FA with the backup method and regenerate the passkey to store on your new phone.
  • PHK
    PHK Posts: 2,294 Forumite
    Eighth Anniversary 1,000 Posts Photogenic Name Dropper
    Vitor said:
    - The Key can be biometric, a password... -

    I think you're conflating 2FA techniques in general and passkeys, the latter are based on public key cryptography

    No I am not, it's the combination of the device + method (biometric, password or PIN) that makes it a passkey
  • Vitor
    Vitor Posts: 659 Forumite
    500 Posts First Anniversary Photogenic Name Dropper
    edited 7 June at 6:02PM
    It’s actually the public key cryptography that defines a passkey, not the device unlock method. The PIN or biometric simply authorises the device to use the private key securely stored on it. This distinction is important, because it’s what makes passkeys resistant to phishing and different from typical two-factor authentication.
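
The distinction in the last post, as an added example that is not part of any forum member's post: a simplified model of a passkey login in Node.js, showing that the PIN/biometric only unlocks the private key locally and that the signature is bound to the site's real origin. The function names, the `bank.example` site and the exact-hostname match are assumptions for illustration; real WebAuthn messages carry more fields.

```javascript
const nodeCrypto = require('node:crypto');

// Registration: the device creates a key pair scoped to one site (rpId).
// Only the public key goes to the site; the private key stays on the device.
function createPasskey(rpId) {
  const { publicKey, privateKey } =
    nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return { rpId, publicKey, privateKey };
}

// Device side: the PIN/biometric result (userVerified) never leaves the device.
// The browser reports the origin it is really on, and the passkey is used only
// when that origin's host matches the rpId it was created for (simplified rule).
function deviceSign(passkey, origin, challenge, userVerified) {
  if (!userVerified) return null;                              // unlock failed
  if (new URL(origin).hostname !== passkey.rpId) return null;  // wrong site
  const clientData = JSON.stringify({ challenge, origin });
  const signature =
    nodeCrypto.sign('sha256', Buffer.from(clientData), passkey.privateKey);
  return { clientData, signature };
}

// Site side: check the challenge, the origin and the signature made over both.
function siteVerify(publicKey, expectedOrigin, expectedChallenge, response) {
  if (!response) return false;
  const { challenge, origin } = JSON.parse(response.clientData);
  if (challenge !== expectedChallenge || origin !== expectedOrigin) return false;
  return nodeCrypto.verify('sha256', Buffer.from(response.clientData),
                           publicKey, response.signature);
}

function demo() {
  const site = 'https://bank.example';                   // constructed sample site
  const passkey = createPasskey('bank.example');
  const newChallenge = () => nodeCrypto.randomBytes(32).toString('base64url');
  const challenge = newChallenge();
  const check = (r) => siteVerify(passkey.publicKey, site, challenge, r);
  const genuine = deviceSign(passkey, site, challenge, true);
  const lookalike =                                      // constructed look-alike host
    deviceSign(passkey, 'https://bank.example.login-check.test', challenge, true);
  const noPin = deviceSign(passkey, site, challenge, false);
  // An old response is useless once the site issues a fresh challenge.
  const replay = siteVerify(passkey.publicKey, site, newChallenge(), genuine);
  return { genuine: check(genuine), lookalike: check(lookalike),
           noPin: check(noPin), replay };
}

console.log(demo());
```

Nothing reusable is typed into a page or sent to the site, which is why a look-alike page has nothing to capture.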