There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

What Linux options exist for passkeys?

I see Google and Apple really embracing passkeys lately and I’m trying to understand the hype, but it can be challenging. I also see that Bitwarden and 1Password are embracing them too. As far as I can tell, passkeys are just key pairs that behave like FIDO2 tokens (e.g. my yubikey) but are backed up to some cloud and usable from multiple synchronized trusted devices. Is this accurate? How would I go about implementing a self-hosted Linux equivalent? Use it with pam? Is this just a fancy ssh-agent for other protocols? What are you all doing in the eliminating passwords space?

Petter1 ,

enpass.io/…/enpass-steps-into-the-passwordless-fu…Apparently, you can use enpass and store your vault self hosted, and it supports passkeys. Was just my first quick google find, don’t know about enpass‘s reputation.

lemmy_user_838586 ,

deleted_by_author

    •
    beejjorgensen ,
    @beejjorgensen@lemmy.sdf.org avatar

    I would be so much happier with this than relying on a third party like Google to provide access to my passkeys.

    baernhelm ,
    @baernhelm@feddit.de avatar

    This post featured on hackernews argues that users should be aware that this makes your google account only as secure as your weakest device security and thus isn’t ideal for the average user: lauren.vortex.com/…/dont-use-google-passkeys-now

    PseudoSpock ,
    @PseudoSpock@lemmy.dbzer0.com avatar

    Keys in the cloud can be gotten by governments and are always one zero day away from being leaked. Nooo thank you.

    beejjorgensen ,
    @beejjorgensen@lemmy.sdf.org avatar

    It’s my understanding that the passkeys are stored encrypted so this is not an issue.

    Google deciding to disable your account for no reason is something to fear, though.

    RegalPotoo ,
    @RegalPotoo@lemmy.world avatar

    github.com/…/xdg-credentials-portal is a WIP proposal for a spec to enable OS-level support for FIDO similar to how Windows and macOS do it. Not sure how far away from being approved it is, but that would then make implementations easier to build

    RegalPotoo ,
    @RegalPotoo@lemmy.world avatar

    See also github.com/psanford/tpm-fido

    skullgiver , (edited )
    @skullgiver@popplesburger.hilciferous.nl avatar

    deleted_by_author

    •
    dinckelman ,

    I have been incredibly happy with 1Password, and really don’t have any plans for switching away from it. I was exploring Bitwarden as a solution for someone else, as an introduction to the system, and it was both not nearly as intuitive, and not nearly as feature-rich

  • All
  • Subscribed
  • Moderated
  • Favorites
  • [email protected]
  • random
  • lifeLocal
  • goranko
  • All magazines
    •