top | item 47191520

(no title)

pibaker | 1 day ago

Biometric keys are still a niche techie thing that the average person probably doesn't even know exist. Most people will be using passkeys exclusively through their phones, often unintentionally. And outside the first world it is not uncommon for people do own no computing devices apart from their phones.

Backup keys and recovery codes also do not solve all cases of key loss. One thing I worry about is what happens if I am traveling in a foreign country and loses my belongings. In the past if I can convince someone to let me use his computer I can at least log into my email account as long as I remember my password. If everything is passkey then I will be locked out of all my online accounts until I make it back home, assuming that I have actually properly set up the backup device and keys. Humans are not very good at making sure that backups actually work.

discuss

utopiah|1 day ago

> Biometric keys are still a niche techie thing that the average person probably doesn't even know exist.

Is it? Maybe I'm in a bubble but feels like most people I know unlock their phone with biometrics. Sure few do that on their laptop, even less on their desktop, but I imagine that explaining it's "like unlocking your phone" would help those very numerous people (if you have metrics on biometrics on phone, please do share, genuinely curious) see that it's basically doing what they already do on more devices.

OJFord|17 hours ago

GP is talking about use of a separate device for it - Yubikey, Nitrokey, et al.

I don't know why biometric models specifically here, I'm 'niche techie' enough to have several Yubikeys, but even I don't have a biometric one.

tuwtuwtuwtuw|1 day ago

Your email account would hopefully have 2FA enabled, so if you lose your belongings, then how would you log on in your scenario?

Assuming your 2FA tokens are generated by phone, of course. But I think that's by far the most common way.