| Passkeys | ||
|---|---|---|
 |
Chapter 6. Authentication |  |
| Passkeys | ||
|---|---|---|
| |
Chapter 6. Authentication | |
Phishing is used by cyber-attacks to get password and user names (email, man in the middle attacks). Since Passkeys do not use user names an passwords there is no danger form this side.
Passkeys uses private and public keys. The keys can be managed different ways.
Private key (passkey) can are handled by the Authenticator and the corresponding public key is on the server.
The Authenticator can be and/or store the private keys (passkeys) on:
FIDO physical device
in the cloud. Having them in the cloud lowers the risk that they got lost, however cloud solutions are less safe.
Password managers as KeepassXC (and its browser extension keepassxc-browser, the Gentoo keepassxc ebuild has the browser useflag to support this) inside keepass the browser extension must be enabled. The browser extension needs to be configured after that and gets a connection name. In the browser extension there is also a setting that enables passkeys
TPM (Trusted Platform Module) found on PC motherboards.
Mobile devices
https://passkey.org/ has a demo to test passkeys
| |
|
|
| Gnupg |
|
FIDO |
