publicvoit,
@publicvoit@graz.social avatar

"#Apple Keychain has personally wiped out all my #Passkeys on three separate occasions. There are external reports we have received of other users who's #Keychain Passkeys have been wiped just like mine."

"At this point I think that Passkeys will fail in the hands of the general consumer population."

https://fy.blackhats.net.au/blog/2024-04-26-passkeys-a-shattered-dream/

My conclusion would be different though. Instead of going back to classic #passwords, I recommend using #FIDO2 hardware tokens wherever you can as 2nd factor.

#security

rusty1281,
@rusty1281@fosstodon.org avatar

@publicvoit Maybe a password manager would be a better solution. @bitwarden perhaps?

publicvoit,
@publicvoit@graz.social avatar

@rusty1281 Nope.

A PW manager is better than no PW manager.

A local PW manager is MUCH better than any PW mgt service. (So I'd rule out bitwarden if not self-hosted and self-controlled on a hardened server not doint anything else and perhaps not exposed to Internet.)

FIDO2 is still the golden standard. There is no higher level of security and trust than FIDO2 hardware tokens. Everything else is a compromise with a lower level of security IMHO.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • apple
  • ngwrru68w68
  • rosin
  • GTA5RPClips
  • osvaldo12
  • love
  • Youngstown
  • slotface
  • khanakhh
  • everett
  • kavyap
  • mdbf
  • DreamBathrooms
  • thenastyranch
  • magazineikmin
  • megavids
  • InstantRegret
  • normalnudes
  • tacticalgear
  • cubers
  • ethstaker
  • modclub
  • cisconetworking
  • Durango
  • anitta
  • Leos
  • tester
  • provamag3
  • JUstTest
  • All magazines
    •