Most breaches start with stolen credentials. #Passkeys bind access to your device. No more phishing traps. No reuse, no shared secrets. They even cut support costs. @deepu105 guides you through it.

Discover what’s next: https://javapro.io/2025/05/30/a-passwordless-future-passkeys-for-developers/

A passkey is supposed to replace a password. It's not supposed to be an additional factor.

AliExpress #passkeys

Really looking forward to the .NET day 2025 in Zurich this Tuesday. I will be talking about: Modern Web Applications Require Modern Security

https://www.dotnetday.ch/speakers/damien-bowden.html

Security is so exciting at present with so many new problems to solve. Looking forward to chatting with everyone. Come say hello of you are there.

#openid #oauth #owasp #iam #identity #passkeys #mfa #openidconnect #devSecOps #eid #swiyu #mcpoauth #trust #sast #sbom .NET Day Switzerland

[deps]: Update astro to v5.13.2 [SECURITY] (#118)

#passkeys

https://github.com/bitwarden/passkeys-index/commit/4743729ec26a9e3e8d44aefc2c58c86367949918

These can both be true:

• Passkey deployment has been fraught with UX challenges, failures to advise users about threat model trade-offs, and vendor lock-in concerns

• The ecosystem couldn't go much longer without the benefits of passkeys (reducing password reuse risk, mitigating infostealer harm, and deploying FIDO2 phishing resistance at scale)

@jik I have accidentally accepted a couple of #passkeys. I get it - it’s just normal PKI - but I need to figure out how to unwind those site logins where suddenly I’m in an unrecoverable zone if I screw up the backups.

Passkeys are shaping up to be a user-side failure akin to PGP. But credit to PGP: people very rarely accidentally PGP their messages.

oooo ive been made aware of https://codeberg.org/s1m/hw-fido2-provider by @S1m

it's supposed to enable passkey support without google play services, for example on @GrapheneOS

Costco supports passkeys, though not without some quirks:
1. You can only have one. Annoying but not unheard of.
2. As far as I can tell there’s no way to use it on the web… it’s app-only.
#Passkeys

Interesting. A provider independent passkey solution is a good idea. Let's wait for the implementation and the beta testing.

https://www.yubico.com/blog/platform-independent-digital-identity-for-all/

Update scan workflow to use centralized reusable component (#113)

#passkeys

https://github.com/bitwarden/passkeys-index/commit/469876bd16a0f6994cab7ec30f564eace3167dd5

Question for all the privacy/security smarties.

I was reading about those physical passkeys (like Yubico). My primary hangup is that a tiny USB stick can be easily lost/damaged. That seems like a huge risk.

What I’ve read about these passkeys seems ambiguous at best. Is there a strong argument for their use? If so, how does one backup a hardware passkey to mitigate the risk of loss/damage?

How to use #passkeys on #debian with #firefox ?
I have my passkey on #ios and when a website asks for a key, I don't get a QR code, only a prompt to touch my USB key.

ISN is #rollingcode! It's temporary, a new code generates on every #carkey's #enginestart.
So, this code doesn't mean You forever access the vehicle's #carimmobiliser, seen?

#HapaUjanjaTu, this rubbish makes You #mjanja for #passkeys from #EEPROM's data, do #lostkeys #ECUProgramming #ecurepair

https://www.5021.tips/ujanja/keyprogramming

#InshaAllah, may whatever nonsense make sense do #carkeyprogramming #smartkeyprogramming #immoff #programmingtips #5021tips #techtips #autoelectronics

Update AWS (#57)

#passkeys

https://github.com/2factorauth/passkeys/commit/2e40894c9c2199fa04148d1fb9e7f83ff2429022

Version 4 of the NIST Digital Identity Guidelines (SP 800-63) has been released!

https://www.nist.gov/blogs/cybersecurity-insights/lets-get-digital-updated-digital-identity-guidelines-are-here

Der Stichtag ist da: #Microsoft löscht heute sämtliche #Passwörter unwiderruflich aus dem #Authenticator. Die strategische Neuausrichtung soll den Umstieg auf sichere #Passkeys fördern. https://winfuture.de/news,152663.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia

#MicrosoftAuthenticator won't manage your #passwords anymore - or most #passkeys

https://www.zdnet.com/article/microsoft-authenticator-wont-manage-your-passwords-anymore-or-most-passkeys/