A good read and a validation that it’s frequently a good idea to approach new security technologies with caution. The new hotness isn’t always the best thing.
this post was submitted on 26 Apr 2024
38 points (95.2% liked)
Cybersecurity
4965 readers
283 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]
Notable mention to [email protected]
founded 1 year ago
MODERATORS
Honestly, when I saw "passkeys," my first thought was "vendor lockin." Google and GitHub did it with SSO using OAuth, and they're doing it again with passkeys.
Honestly, this is a "surprised Pikachu" moment for me. The closer you get to convenience, the more the big players will want to lock you in:
- biometrics
- voice recognition
- passkeys
Passwords are hard to lock down because it's easy to switch to something else.
I love the promise of passkeys but it’s been painfully obvious the promises are just wallpaper over the actual intent which is vendor lockin.