Joe Brockmeier (@jzb)Sep 23, 2024

Authenticating to a website, 2010: Type in username and password

Authenticating to a website, 2024:
- Type in username
- Look up 20-character password in password keeper
- wait
- Prompt for 2FA token
- Dig out phone
- Unlock phone
- Scroll through 50 services to find 2FA token for website
- Type in 2FA token
- Success
- Receive email alerting you to the fact you've logged in
- Six weeks later: receive email telling you service had been compromised eight weeks ago and you must change password.

Show threadPelle Wessman
@jzb 2024 should be passkeys, you’re at most describing 2020-2022
Sep 24, 2024 at 3:51pmIvory for iOS
Show threadLocksmithSep 24, 2024
@voxpelli @jzb
Which is another device providing a key and which device requires a pin or password or fingerprint to unlock.
Show threadPelle WessmanSep 24, 2024
@locksmithprime @jzb On Apple devices it’s the same password / mechanism you use to log into the device (Face ID / Touch ID with fallback to password)
Show threadFrost「|霜の狼|人面獣心」Sep 26, 2024
@voxpelli @jzb Honestly these "passkeys" are being pushed so hard by corpos that we don't trust them. So nah, still passwords for us.
Show threadhttps://j0.lolSep 29, 2024
@frost its being pushed hard by corpos because its good and it has to be implemented on a per OS / browser basis. its good tech please dont sleep on this one