tippl

joined 1 year ago
sorted by: new top controversial old
What the !#@% is a Passkey? in c/[email protected]
[โ€“] [email protected] 4 points 1 year ago (1 children)

if somebody compromises you, physically, they can see everything you can log into

Can they though? I own a few yubikeys with passkeys stored inside and i cannot query stored logins without entering a pin.

1Password discloses security incident linked to Okta breach in c/[email protected]
[โ€“] [email protected] 4 points 1 year ago

To be accurate, they don't know either. A login key and a decryption key are derived from password and secret key client-side.