Can Passkeys Replace Passwords
Passkeys always fascinated me — I never understood them, but have often used them. This opinion piece by Bruce Davie helped me understand the pitfalls of the tech and convinced me we are yet to reach the “passwordfree” world.
The process is bootstrapped by getting the user to authenticate using a traditional approach (such as user name and password) which remains open to traditional attacks.
There is no getting away from the fact that public keys always need some sort of bootstrap process. (Remember PGP key-signing parties?) But if a website adopts passkeys without disallowing subsequent login attempts by password, then the system remains roughly as vulnerable to phishing attacks as it was before.