undefined | Better HN

0 pointsNoMoreNicksLeft1y ago0 comments

> You shouldn't necessarily "sync" your passkeys across all your devices; each device should have its own passkey. Then if you lose a device (or that one device gets compromised), you revoke the one key and everything else is fine.

If he's storing his passkey in his password manager, it wouldn't matter that he lost the device. They can't get to it, it's AES-somebigassnumber-ed up the wazoo. If the passkey is cached outside of the password manager, then passkeys are a horrible idea, where you have to "go home and call the 800 numbers to cancel the credit cards", and worse still, people with few devices might end up in circumstances where they have no valid devices left to bootstrap access.

I am resigned to the fact that I will die with humanity never having solved the problem of passwords adequately, but being that I will live another two decades minimum, I will get to see two more of the stupidest possible non-solutions.

0 comments

vel0city1y ago

That's assuming the user does have a strong passphrase to protect their local password safe and the device wasn't compromised while the password safe was in an unlocked state.

If an attacker managed to get root on my machine right now, they'd get my whole password safe as its currently decrypted and in memory. However, they wouldn't be able to access any of my passkeys.

NoMoreNicksLeftOP1y ago

And if they get the passkey's private key, when you're signing some ticket to send off to prove identity? That has to be unlocked for that too, it's in memory somewhere.

Then they privilege escalate, lock out all your other devices after adding a new one, it's the same issue. And it's opaque, reinforces the ideas that users are too stupid to do anything right, so that we shouldn't even try.

vel0city1y ago

> That has to be unlocked for that too, it's in memory somewhere.

Its in-memory on my physical hardware token or a TPM or a secure-enclave, which only activates and unlocks after a valid identity challenge (fingerprint, physical touch, face scan, pin, etc.) not my main system's userspace memory. A massively different target.

j / k navigate · click thread line to collapse

0 pointsNoMoreNicksLeft1y ago0 comments

0 comments

vel0city1y ago

That's assuming the user does have a strong passphrase to protect their local password safe and the device wasn't compromised while the password safe was in an unlocked state.

If an attacker managed to get root on my machine right now, they'd get my whole password safe as its currently decrypted and in memory. However, they wouldn't be able to access any of my passkeys.

NoMoreNicksLeftOP1y ago

And if they get the passkey's private key, when you're signing some ticket to send off to prove identity? That has to be unlocked for that too, it's in memory somewhere.

vel0city1y ago

> That has to be unlocked for that too, it's in memory somewhere.

j / k navigate · click thread line to collapse