Ricky MondelloOct 6, 2023

If you can drop a single device in a lake and lose your credential, it’s not a passkey. Passkeys are backed up and synced across your devices to deliver a great and safe user experience, while also eliminating phishing.

If it’s device-bound, it’s not a passkey. :)

Show threadNickOct 6, 2023

@rmondello if we’re going to accept that, then someone needs to have a chat with Yubico:

https://www.yubico.com/resources/glossary/what-is-a-passkey/

> The widely accepted passkey definition simply specifies that cryptographic keys are used for login rather than passwords.

I myself tend to agree with this, and I would argue that if you’re trying to make a distinction between different types of passkeys, neither of the derivatives should be called just “passkey.”

What is Passkey? Definition and Related FAQs

Learn the definition of Passkeys and get answers to FAQs regarding: What is a Passkey?, How do Passkeys work?, and more.

Yubico
Show threadRicky MondelloOct 6, 2023
@e3b0c442 I am intentionally disagreeing with this definition because I think that thinking about “passkey” in this way will confuse consumers and harm the adoption of the best password replacement the industry has come up with.
Show threadNickOct 6, 2023
@rmondello Honestly, I think this is a mountain/molehill situation, and not worth the energy. The vast majority of users are going to be well-served by consumer-level distributed passkeys. The people that need hardware tokens are going to understand why they need them and what the tradeoffs are. There’s really no need to disambiguate at the level you’re advocating for — they both work in the same way to replace passwords with non-phishable cryptographic authentication.
Show threadNick
@rmondello an analogy — push mowers and big commercial riding lawn mowers are both lawn mowers. By your logic, we would call the commercial mower something else, but there’s really no need here. They do the same thing, again with tradeoffs. In the mowers’ case, size and price.
Oct 6, 2023 at 4:04pmMastodon for iOS