Royce WilliamsJan 14
Trying out Marlinspike's interesting new private/encrypted LLM, Confer.to . I created an account on my phone, and it prompted me to create a passkey, which was intercepted by 1Password for storage. But when I trigger the magic link to log in via email on desktop under Chrome, the server triggers a request for passkey that is interpreted on my Chrome side as being a query for a physical key only. So I cannot seem to figure out how to use the passkey stored in 1Password anywhere other than on the phone where it was created. The interface also seems to have no mechanism for viewing passkeys, or adding more than one passkey. This means I can currently only log into the service from one device.
Show threadJason TschohlJan 14

@tychotithonus I wanted to try but they don't support Bitwarden, or Bitwarden doesn't support something that Confer uses.

Once again this shows where passkeys, while great, are very problematic because they are anything but seamless.

Show threadScott FrancisJan 14
@jason_tschohl @tychotithonus this has been exactly my experience with passkeys lately. Sticking with Yubikeys or TOTP wherever possible.
Show threadJason Tschohl

@darkuncle @tychotithonus It's why I have ONE, yes, ONE passkey saved in Bitwarden. That's Amazon on MY linux computer.

The main reason for this is my wife. She does 95% of everything on her iPhone. The iOS experience (any experience really) with passkeys is maddening. Althought iOS randomly logs her out of Amazon (i have no idea why) and then she gets multiple pop ups about Bitwarden passwords or using a Passkey which may be in multiple places. She still doesn't under stand what a passkey even is, no matter how many times I try to explain it.

It's easier, and safer for me in general to leave it passwords and TOTP. My wife gets that. She doesn't get passkeys because it'll work on her phone but not her laptop, or not a kids tablet or laptop where the passkey may not have synced if it can sync at all.

Jan 14 at 5:04amWeb
Show threadScott FrancisJan 14
@jason_tschohl @tychotithonus yeah, the *idea* here is a great one, but the implementation gaps are full of sharp edges