Password managers like 1Password and Bitwarden support it already or are planning to in the near future, so you will be able to sync them across devices. And I’m pretty sure they will be stored in the iCloud and Google password managers as ways to lock in users even more
Exactly what I’ve been doing. I don’t like them being saved on-device, and I don’t want to create multiple, so 1password handles it for me. Has been really convenient, however only around 10 platforms total have let me add a passkey, out of some 1300 passwords I have registered. Quite a slow rollout
I’m with ya. I need to see kind of how it pans out. How smooth it is, how device changing works, how in general sites handle lost passkeys. Then I’ll decide. I want security but I’m also not looking for even more hassle then my current method of strong passwords and 2FA.
Keys, like everything in digital devices, are just strings of data.
So if they are on device, it’s the matter where they are stored on the device.
Google and Apple implementations are going to store them in secure TPM chip, basically once written there should be no way (people knowing darker side of TPM can disagree) to get them back.
But, if I understand correctly, there is no forced way how to store them in the spec, there can just be a way Google implement it in such a way, hope they add open API to Android.
I like the idea of passkeys, but one thing that I’m still not clear on is what happens to them when I get a new phone.
It says the passkeys are stored on the device, so would I need to keep my previous phone around to be able to sign in on the new phone?
Password managers like 1Password and Bitwarden support it already or are planning to in the near future, so you will be able to sync them across devices. And I’m pretty sure they will be stored in the iCloud and Google password managers as ways to lock in users even more
deleted by creator
I use Bitwarden, so that will make things easy.
Thank you!
Exactly what I’ve been doing. I don’t like them being saved on-device, and I don’t want to create multiple, so 1password handles it for me. Has been really convenient, however only around 10 platforms total have let me add a passkey, out of some 1300 passwords I have registered. Quite a slow rollout
I’m with ya. I need to see kind of how it pans out. How smooth it is, how device changing works, how in general sites handle lost passkeys. Then I’ll decide. I want security but I’m also not looking for even more hassle then my current method of strong passwords and 2FA.
Keys, like everything in digital devices, are just strings of data. So if they are on device, it’s the matter where they are stored on the device.
Google and Apple implementations are going to store them in secure TPM chip, basically once written there should be no way (people knowing darker side of TPM can disagree) to get them back. But, if I understand correctly, there is no forced way how to store them in the spec, there can just be a way Google implement it in such a way, hope they add open API to Android.
deleted by creator