A lot of services support passkeys. Microsoft even has an option to make my account “passwordless”. Since they are more secure than passwords, will you be switching some / most of your accounts to passkeys any time soon? Interested to hear everyone’s thoughts on passkeys. 🔑

  • Dark Arc
    link
    fedilink
    English
    23 months ago

    Reading through all the jargon and simplifying it, the answer: yes they’re the same in the way you mean.

    “SSH” and “passkey” are both technologies built on asymmetric cryptography. They thus at a fundamental level do work in the same way, it’s all the protocol and practices stuff that gets bolted on that is where things become different and where things took time to get into place so we could use these things on the web (and not just “we” who know what SSH is but “we” who make up society).

    Arrghghgh! Orwell was right about people’s incredibly capacity to write with zero clarity.

    The problem is arguably that for the people who understand it enough to say “yeah, they’re the same idea”, the key point is “asymmetric cryotherapy” in an authentication context, the key point is not SSH. SSH is just how most technically inclined users have most directly experienced asymmetric cryptography deployed as an authentication mechanism. It’s that same mistake textbooks often make of burying the lead in an otherwise obscure reference the reader may or may not pickup on.

    But yes, it would be helpful if some major site would provide this comparison “so that I don’t have to! 😉”

    See also “Enrollment and Sign-in with FIDO” in https://fidoalliance.org/how-fido-works/

    • @JubilantJaguar@lemmy.world
      link
      fedilink
      33 months ago

      It’s that same mistake textbooks often make of burying the lead in an otherwise obscure reference the reader may or may not pickup on.

      Exactly. Thanks for clarifying.