this post was submitted on 30 Mar 2024
298 points (79.3% liked)

Technology

58970 readers
4077 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Passkeys are an easy and secure alternative to traditional passwords that can help prevent phishing attacks and make your online experience smoother and safer.

Unfortunately, Big Tech’s rollout of this technology prioritized using passkeys to lock people into their walled gardens over providing universal security for everyone (you have to use their platform, which often does not work across all platforms). And many password managers only support passkeys on specific platforms or provide them with paid plans, meaning you only get to reap passkeys’ security benefits if you can afford them.

They’ve reimagined passkeys, helping them reach their full potential as free, universal, and open-source tech. They have made online privacy and security accessible to everyone, regardless of what device you use or your ability to pay.

I'm still a paying customer of Bitwarden as Proton Pass was up to now still not doing everything, but this may make me re-evaluate using Proton Pass as I'm also a paying customer of Proton Pass. It certainly looks like Proton Pass is advancing at quite a pace, and Proton has already built up a good reputation for private e-mail and an excellent VPN client.

Proton is also the ONLY passkey provider that I've seen allowing you to store, share, and export passkeys just like you can with passwords!

See https://proton.me/blog/proton-pass-passkeys

#technology #passkeys #security #ProtonPass #opensource

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 7 months ago (2 children)

I'm using the browser add-on in Linux across all my browsers. I do have the Bitwarden app for Linux, but to be honest I never open it as it is a pain to have to open a separate app, and then copy and paste. Isn't it just more seamless to let it replace the browser password manager on Linux? If I want to tidy up my Bitwarden vault, I also do that in the browser.

[–] [email protected] 17 points 7 months ago* (last edited 7 months ago) (1 children)

Passwords are used in more places than just browsers though. If there wasn't any need for a dedicated app, why did they bother making one for Windows?

But personally, I dislike Bitwarden as well. I prefer KeepassXC instead, as it works fully offline and I don't need to depend on a cloud-based provider (or spin up a server). The best part about KeepassXC is that it supports auto-typing credentials, so you don't need to copy-paste - and it works across a multitude of apps, such as remote desktop / terminal sessions.

[–] [email protected] 6 points 7 months ago (1 children)

I have the app and the browser extension. I usually open the extension and copy from there rather than use the app for things outside of the browser. It's just quicker.

[–] [email protected] 6 points 7 months ago

This is what I do as well. I always have Firefox running and can easily search the extension for whatever password I need and it is just as easy to copy from there as opening another tool.

That being said the iOS app is great for when I am away from my laptop.

[–] [email protected] 7 points 7 months ago (1 children)

Devops here. I use the 1Password cli constantly to feed auth tokens and passwords and identity overrides into other shell commands. I’d lose my shit if I had to keep opening my browser to login to all my various workflows. The CLI even integrates with biometrics so my hands never leave the keyboard

[–] [email protected] 1 points 7 months ago (1 children)

Have you used KeepassXC or BitWarden? Just curious.

[–] [email protected] 2 points 7 months ago (1 children)

Yes. My personal vault is Bitwarden and my work vault is 1Password. It’s actually nice they are separate so I have a hard mental context switch. If I want to do something to my personal services, it’s a different set of commands to inject my tokens than my work ones and not something easier to leave on like an env var to target a different profile

[–] [email protected] 1 points 7 months ago

Ah, nice! Yeah, I have a seperate KeepassXC on my work Mac, so the ones on my Linux desktop never touch. I do sync my general Obsidian notebook back and forth which is nice. Client specific notes stay seperate due to NDA's. It's easier having to seperate devices with a KVM.