• realitista@lemm.ee
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    14
    ·
    edit-2
    28 days ago

    For me, I’d prefer that everyone just adds biometric authentication techniques. A couple websites do this already and it’s great. Many devices have biometrics built in already and if this was widespread I’d certainly have no problem buying a fingerprint reader for my desktop computer.

    • Spotlight7573@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      27 days ago

      You do realize that your biometric authentication techniques don’t actually send your biometrics (e.g. fingerprint/face) to the website you’re using and that you are actually just registering your device and storing a private key? Your biometrics are used to authenticate with your local device and unlock a locally-stored private key.

      That private key is essentially what passkeys are doing, storing a private key either in a password manager or locally on device backed by some security hardware (e.g. TPM, secure enclave, hardware-backed keystore).

      • realitista@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        27 days ago

        Sure I knew that. I just didn’t know if that was a “passkey” or some other private key mechanism.