Just got the offer to go with a passkey. Started down the path and found that it only applies to my phone and tablet, not my laptop. ...
So what's the point? I still use a laptop/desktop, so I still need a password.
This is one of the great things about passkeys.
The user doesn’t create their own passkey. Weak passwords are a thing of the past. ....
I have often heard it said that the weakest part of passwords is the human that creates the password. Now, not so much.
But if I'm understanding this right, it is automatic once you have your phone/tablet unlocked? So it's less secure than a locked phone plus a password. And strong passwords aren't hard, I have a system that makes it easy to remember, I can even write them down, and store them on my computer, as the long portion is something I have memorized (an easy but meaningless mnemonic), and I only add a short unique phrase, and that's all I need to write down/remember ( like Hymatyri187_myb$_opfgutY where I memorize "Hymatyri187_" and "_opfgutY" and "myb$" stands gor "my bank".
If someone grabs my phone off the table at a restaurant/bar or out of my hands while I'm using it out on the street, it's unlocked and they get into my accounts w/o a password? I don't like that.
... If I use my iPhone to access a fake version of my bank, it doesn’t matter, as every passkey ‘handshake’ ...
That part sounds good.
Amazon today announced that it has added passkey support to its desktop sites and mobile apps, allowing customers to sign in to their accounts without the need for a password.
https://www.aboutamazon.com/news/retail/amazon-passwordless-sign-in-passkey
And how do I get into an account on a public, or friend's computer/phone if I need to? The passkey is on my device. A friend of ours recently dropped her phone, and it slid off the bridge into the Chicago river. She had a heck of a time, since some of the stuff she needed to access to get home used 2-factor authentication, texting a code to that underwater phone.
I haven't found fingerprint or face recognition to be very reliable on my Samsung phone, and my PIN isn't too tough to break, but I don't worry too much, since the apps would all require passwords anyhow.
Maybe this is all addressed and I'm just not getting it. But I was skeptical of 2 factor for the very reason our friend experienced. Am I wrong this time?
-ERD50