Move over passwords, passkeys are my new best friend! | Daphne Liu | SeattleJS Conf 2023
ฝัง
- เผยแพร่เมื่อ 2 ต.ค. 2024
- We know all passwords are essential but they also suck. The traditional password-based authentication system is riddled with vulnerabilities and usability challenges. On World Password Day (yes, it's a thing!) 2023, Google rolled out the next step towards a passwordless future: passkeys. In this talk, we will delve into the emerging use of passkeys - what they are, how they work, and where they can be used. We will explore how they are resistant to phishing and how you, as a developer, can use them to make your apps more secure. Worried about losing your password? passkeys are here to save the day!
seattlejs.com/...
Beginning with 5:54 there is a bit confusing info. "Hardware security keys" can also store "passkeys" so there doesn't have to be a "difference" between the two, security-wise. Here, she uses "passkeys" as "syncable passkeys" - but there are two types of passkeys: 1. hardware-bound/device-bound passkeys and 2. syncable/"software-bound" passkeys (the latter are sometimes also called "multi-device" or "cloud-based" passkeys"). So a passkey on a security key would be "hardware-/device-bound". A passkey stored in a password manager would be a "syncable passkey".