mccDec 4

So here's what stops me from using Passkeys.

- I want Passkeys.
- I want to use "BitWarden".
- BitWarden can use passkeys on all my platforms incl Android.
- However, I do not install BitWarden on all my computers, because I don't trust some of them to hold my BitWarden vault.
- This means I have to have a way of "airgapping" the passkey— some way of using a passkey on a phone, is a computer.
- The ONLY way to do this the FIDO Alliance allows requires Bluetooth.
- My computer doesn't have that.

Show threadmccDec 4
I don't want to enable Bluetooth on my phone and I don't want to buy a Bluetooth card for my aging desktop. Moreover FIDO views "airgapping" as a security risk. They believe that banning "airgapping" is a necessary component of "anti-phishing", and "anti-phishing" is a highest-priority goal of the FIDO alliance. "Anti-phishing" is not a goal I have, but it is SO important to the FIDO alliance they'd rather I not use passkeys at all than me have passkeys but be allowed to airgap them.
Show threadIrenes (many)Dec 4
@mcc your conclusion is correct, you should just not use it for now
Show threadmcc
@ireneista Dunno where "for now" comes in, tho. It's not that this is a missing feature, it's that the feature I want is something the FIDO alliance has done extensive work to prevent being possible, and will one assumes work to prevent being possible in the future as well.
Dec 4 at 11:26pmWeb
Show threadIrenes (many)Dec 4
@mcc until something fundamental changes about either the industry or your requirements
Show threadIrenes (many)Dec 4
@mcc sometimes when we're patient enough we can just out-wait bad ideas