heise online<p>Passkeys: Microsoft drückt Neukunden Anmeldung ohne Passwort auf</p><p>Microsoft setzt die Abschaffung von Passwörtern weiter fort. Neue Microsoft-Konten sind jetzt standardmäßig passwortlos. </p><p><a href="https://www.heise.de/news/Passkeys-Microsoft-drueckt-Neukunden-Anmeldung-ohne-Passwort-auf-10369464.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/Passkeys-Microso</span><span class="invisible">ft-drueckt-Neukunden-Anmeldung-ohne-Passwort-auf-10369464.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</span></a></p><p><a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IT</span></a> <a href="https://social.heise.de/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Microsoft</span></a> <a href="https://social.heise.de/tags/Passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkey</span></a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>news</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
en.osm.town is one of the many independent Mastodon servers you can use to participate in the fediverse.
An independent, community of OpenStreetMap people on the Fediverse/Mastodon.
Funding graciously provided by the OpenStreetMap Foundation.
Administered by:
Server stats:
250active users
en.osm.town: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#Passkey
5 posts · 5 participants · 2 posts today
GNU/Linux.ch<p>Passkeys auf einem Rechner mit mehreren Betriebssystemen nutzen</p><p>Welche Möglichkeiten habe ich einen Nitrokey für die Anmeldung bei Betriebsystemen zu nutzen? Ein kleiner Einblick gibts in diesem Artikel </p><p><a href="https://social.anoxinon.de/tags/Passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkey</span></a> <a href="https://social.anoxinon.de/tags/Nitrokey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nitrokey</span></a> <a href="https://social.anoxinon.de/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a> <a href="https://social.anoxinon.de/tags/IT_Sicherheit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IT_Sicherheit</span></a> <a href="https://social.anoxinon.de/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a></p><p><a href="https://gnulinux.ch/passkeys-auf-einem-rechner-mit-mehreren-betriebssystemen-nutzen" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gnulinux.ch/passkeys-auf-einem</span><span class="invisible">-rechner-mit-mehreren-betriebssystemen-nutzen</span></a></p>
heise online<p>Welt-Passwort-Tag: Menschen wollen Zwei-Faktor-Authentifizierung</p><p>Am Welt-Passwort-Tag haben GMX und web.de eine Umfrage herausgebracht. Die zeigt, es gibt Fortschritte im Hinblick auf Sicherheit.</p><p><a href="https://www.heise.de/news/Welt-Passwort-Tag-Menschen-wollen-Zwei-Faktor-Authentifizierung-10368650.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/Welt-Passwort-Ta</span><span class="invisible">g-Menschen-wollen-Zwei-Faktor-Authentifizierung-10368650.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</span></a></p><p><a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IT</span></a> <a href="https://social.heise.de/tags/eCommerce" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>eCommerce</span></a> <a href="https://social.heise.de/tags/Passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkey</span></a> <a href="https://social.heise.de/tags/Passw%C3%B6rter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passwörter</span></a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://social.heise.de/tags/Webde" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Webde</span></a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>news</span></a></p>
heise online English<p>World Password Day: people want two-factor authentication</p><p>On World Password Day, GMX and web.de published a survey. It shows that progress is being made in terms of security.</p><p><a href="https://www.heise.de/en/news/World-Password-Day-people-want-two-factor-authentication-10368740.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/en/news/World-Passwor</span><span class="invisible">d-Day-people-want-two-factor-authentication-10368740.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</span></a></p><p><a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IT</span></a> <a href="https://social.heise.de/tags/eCommerce" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>eCommerce</span></a> <a href="https://social.heise.de/tags/Passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkey</span></a> <a href="https://social.heise.de/tags/Passw%C3%B6rter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passwörter</span></a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://social.heise.de/tags/Webde" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Webde</span></a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>news</span></a></p>
Andrea Grandi 🦕<p>Can anyone please tell me how to disable this annoying popup? </p><p>It's possibly the most annoying thing in 1Password.</p><p>cc <span class="h-card" translate="no"><a href="https://1password.social/@1password" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>1password</span></a></span> </p><p><a href="https://mastodon.social/tags/1password" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>1password</span></a> <a href="https://mastodon.social/tags/passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passkey</span></a></p>
drs1969 (David Smith) 🇬🇧<p>I HATE this wretched <a href="https://mstdn.social/tags/Passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkey</span></a> nonsense. Every browser, OS, Website is trying to get me to create the things with NO explanation of how they work or what consequences are AND when I'm actually in the middle of signing in using a password manager. </p><p>As near I can tell, I've just had Windows, Chrome and maybe Amazon all have go. </p><p>And talk about anti patterns! Major sign in changes are NOT what you try to force on people in the middle of login task completion. What's WRONG with you? <br><a href="https://mstdn.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a></p>
iX Magazin<p>iX-Workshop: Passwortlose Authentifizierung mit Passkeys, FIDO, SSO und mehr </p><p>Wie man FIDO2 und SSO in Webdienste integriert: Konzepte, Protokolle und Best Practices für eine sichere Authentifizierung mit und ohne Passwort.</p><p><a href="https://www.heise.de/news/iX-Workshop-Passwortlose-Authentifizierung-mit-Passkeys-FIDO-SSO-und-mehr-10344327.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/iX-Workshop-Pass</span><span class="invisible">wortlose-Authentifizierung-mit-Passkeys-FIDO-SSO-und-mehr-10344327.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</span></a></p><p><a href="https://social.heise.de/tags/IdentityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IdentityManagement</span></a> <a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IT</span></a> <a href="https://social.heise.de/tags/iXWorkshops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iXWorkshops</span></a> <a href="https://social.heise.de/tags/Passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkey</span></a> <a href="https://social.heise.de/tags/Verschl%C3%BCsselung" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Verschlüsselung</span></a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>news</span></a></p>
0xKaishakunin<p>Finally! 7 Factor Authentication! </p><p><a href="https://mastodon.social/tags/mfa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mfa</span></a> <a href="https://mastodon.social/tags/passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passkey</span></a> <a href="https://mastodon.social/tags/iam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iam</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a></p>
0xKaishakunin<p><span class="h-card" translate="no"><a href="https://chaos.social/@leah" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>leah</span></a></span> TBF die 5er Serie hatte insgesamt 6 Firmware Upgrade und unterstützt inzwischen auch SCP03, SCP11, YubiHSM Auth und der Speicher für Passkeys und OATH credentials ist gewachsen. </p><p>Die Security Keys sind günstiger, unterstützen aber nur <a href="https://mastodon.social/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a> <a href="https://mastodon.social/tags/Passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkey</span></a></p><p><a href="https://docs.yubico.com/hardware/yubikey/yk-tech-manual/yk5-overview.html#firmware-capability-matrices" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">docs.yubico.com/hardware/yubik</span><span class="invisible">ey/yk-tech-manual/yk5-overview.html#firmware-capability-matrices</span></a></p>
Matt Cengia<p>I'd love if there was a website like <a href="https://www.passkeys.io/who-supports-passkeys" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">passkeys.io/who-supports-passk</span><span class="invisible">eys</span></a> which showed which websites also support *non-resident* <a href="https://aus.social/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a> authentication as opposed to resident <a href="https://aus.social/tags/Passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkey</span></a>. Let's reward sites that have that support!</p>
c't Magazin<p>c't 3003: Das Problem mit Passkeys</p><p>Passkeys sind sicherer als Passwörter, aber Apple, Google & Co. schränken die Nutzung ein. c't 3003 zeigt, wie man sie plattformübergreifend einsetzen kann.</p><p><a href="https://www.heise.de/news/c-t-3003-Das-Problem-mit-Passkeys-10332792.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/c-t-3003-Das-Pro</span><span class="invisible">blem-mit-Passkeys-10332792.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</span></a></p><p><a href="https://social.heise.de/tags/ct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ct</span></a> <a href="https://social.heise.de/tags/Entertainment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Entertainment</span></a> <a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IT</span></a> <a href="https://social.heise.de/tags/Mobiles" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Mobiles</span></a> <a href="https://social.heise.de/tags/Passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkey</span></a> <a href="https://social.heise.de/tags/Passw%C3%B6rter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passwörter</span></a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://social.heise.de/tags/Wissen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Wissen</span></a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>news</span></a></p>
Karl Voit :emacs: :orgmode:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@yacc143" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>yacc143</span></a></span> FYI: <a href="https://graz.social/tags/Passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkeys</span></a> and <a href="https://graz.social/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a> (= "device-bound <a href="https://graz.social/tags/passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passkey</span></a>" which can be divided into "platform-" and "roaming-authenticators") are identical except the <a href="https://graz.social/tags/cloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloud</span></a>-sync mechanism (as of my current understanding).</p><p>So unfortunately, they get mixed up or are considered as totally different things. Both is wrong.</p><p>In reality, they are very similar except that FIDO2 hardware tokens ("device-bound passkeys" only in their "roaming-authenticator" variant) are designed that way, that Passkeys are not being able to extracted from the device (at least for the moment).</p><p>Therefore, users of HW tokens can't be tricked into transferring their passkey to a rogue third party, which is possible with all other Passkey variants. Therefore: passkeys are NOT <a href="https://graz.social/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishing</span></a>-resistant in the general case.</p><p><a href="https://graz.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://graz.social/tags/authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentication</span></a> <a href="https://graz.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a></p>
Karl Voit :emacs: :orgmode:<p><a href="https://graz.social/tags/TroyHunt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TroyHunt</span></a> fell for a <a href="https://graz.social/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishing</span></a> attack on his mailinglist members: <a href="https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mailchimp-mailing-list/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">troyhunt.com/a-sneaky-phish-ju</span><span class="invisible">st-grabbed-my-mailchimp-mailing-list/</span></a></p><p>Some of the ingredients: <a href="https://graz.social/tags/Outlook" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Outlook</span></a> and its habit of hiding important information from the user and missing <a href="https://graz.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> which is phishing-resistant.</p><p>Use <a href="https://graz.social/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a> with hardware tokens if possible (<a href="https://graz.social/tags/Passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkeys</span></a> without FIDO2 HW tokens are NOT phishing-resistant due to the possibility of being able to trick users with credential transfers: <a href="https://arxiv.org/abs/2501.07380" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">arxiv.org/abs/2501.07380</span><span class="invisible"></span></a>) and avoid Outlook (or <a href="https://graz.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Microsoft</span></a>) whenever possible.</p><p>Further learning: it could happen to the best of us! Don't be ashamed, try to minimize risks and be open about your mistakes.</p><p>Note: any 2FA is better than no 2FA at all.</p><p><a href="https://graz.social/tags/email" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>email</span></a> <a href="https://graz.social/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://graz.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://graz.social/tags/OTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OTP</span></a> <a href="https://graz.social/tags/TOTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TOTP</span></a> <a href="https://graz.social/tags/Passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkey</span></a> <a href="https://graz.social/tags/haveibeenpwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>haveibeenpwned</span></a> <a href="https://graz.social/tags/Ihavebeenpwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ihavebeenpwned</span></a></p>
Samuel Lison :lagr_elephant:<p><span class="h-card" translate="no"><a href="https://social.lol/@techlore" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>techlore</span></a></span> proton pass is good in that your data on proton pass is fully <a href="https://social.familylison.com/tags/encrypted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>encrypted</span></a>. So if you use a hardware based <a href="https://social.familylison.com/tags/passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passkey</span></a> such as a <a href="https://social.familylison.com/tags/yubikey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>yubikey</span></a> to secure the main account, and have all your other accounts within use software based passkeys and 2FA, wouldn't be as much of a risk even if Proton Pass got breached as a service.</p>
Karl Voit :emacs: :orgmode:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@technotenshi" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>technotenshi</span></a></span> <a href="https://graz.social/tags/Passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkeys</span></a> are not prone to <a href="https://graz.social/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishing</span></a> according to my understanding of:<br><a href="https://arxiv.org/abs/2501.07380" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">arxiv.org/abs/2501.07380</span><span class="invisible"></span></a></p><p>The paper describes that it's possible to fool Passkey owners to transfer their <a href="https://graz.social/tags/Passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkey</span></a> to attackers: "Another concern could be social engineering, where a user is tricked into sharing a passkey with an account controlled by an attacker."</p><p>However, the authors disagree with my interpretation.</p><p>The only really secure method is hardware <a href="https://graz.social/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a> tokens where the secrets can't leave the device.</p>
ઉશ્કેરાયેલી-અદાલત-૬૫૧<p><span class="h-card" translate="no"><a href="https://mastodon.social/@itsfoss" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>itsfoss</span></a></span> Good so far.</p><p>On a side note it should have added passkey support at level,shouldn't it?<br><a href="https://mastodon.social/tags/ubuntu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ubuntu</span></a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://mastodon.social/tags/foss" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>foss</span></a> <a href="https://mastodon.social/tags/passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passkey</span></a></p>
Philip Gillißen<p>Because I found out via try & error: some pages don't find their <a href="https://ruhr.social/tags/passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passkeys</span></a> with <a href="https://ruhr.social/tags/Firefox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Firefox</span></a> on <a href="https://ruhr.social/tags/Android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Android</span></a>, which they just created. This happens if you have a password service as default like <a href="https://ruhr.social/tags/Keepass2Android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keepass2Android</span></a>. Creation works though. Chrome just works.</p><p>Easy solution: setup Google wallet as your default password service, then switch to Keepass2Android again and add Wallet as additional service. </p><p>Do this via settings password, default password service</p><p>This should be a blog post.</p><p><a href="https://ruhr.social/tags/passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passkey</span></a> <a href="https://ruhr.social/tags/KeePass" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KeePass</span></a></p>
Claus Holm Christensen<p><span class="h-card" translate="no"><a href="https://mastodon.social/@sarahjamielewis" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>sarahjamielewis</span></a></span> I would like to hear answers to that question as well. I have not tried it myself, but I'm considering <a href="https://mastodon.social/tags/Keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keycloak</span></a> for something like that.</p><p>I would also suggest the hashtags <a href="https://mastodon.social/tags/passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passkey</span></a> <a href="https://mastodon.social/tags/webauthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>webauthn</span></a> and <a href="https://mastodon.social/tags/fido" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido</span></a> to gather the attention of the right people?</p><p>If you're ready to learn the technical details, then there is a Tour of WebAuthN here: <a href="https://www.imperialviolet.org/tourofwebauthn/tourofwebauthn.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">imperialviolet.org/tourofwebau</span><span class="invisible">thn/tourofwebauthn.html</span></a></p>
heise online English<p>More security: Federal Employment Agency relies on passkeys</p><p>The Federal Employment Agency is now offering support for passkeys for secure login to user accounts.</p><p><a href="https://www.heise.de/en/news/More-security-Federal-Employment-Agency-relies-on-passkeys-10271352.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/en/news/More-security</span><span class="invisible">-Federal-Employment-Agency-relies-on-passkeys-10271352.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</span></a></p><p><a href="https://social.heise.de/tags/Arbeitswelt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Arbeitswelt</span></a> <a href="https://social.heise.de/tags/Passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkey</span></a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>news</span></a></p>
Synapsenkitzler 🌻<p><span class="h-card" translate="no"><a href="https://social.heise.de/@heisec" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>heisec</span></a></span> <br><span class="h-card" translate="no"><a href="https://social.heise.de/@newstik" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>newstik</span></a></span><br>Nachteil an Passkey + biometrisches Merkmal ist aber, dass das erzwungen werden kann, z.B. durch Drücken des Fingers auf den Sensor.? Siehe Fingerabdruck-Zwang:<br><a href="https://www.heise.de/news/Oberlandesgericht-bestaetigt-zwangsweisen-Fingerabdruck-auf-Handys-10251294.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/Oberlandesgerich</span><span class="invisible">t-bestaetigt-zwangsweisen-Fingerabdruck-auf-Handys-10251294.html</span></a><br><a href="https://logbuch-netzpolitik.de/lnp512-unicoin" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">logbuch-netzpolitik.de/lnp512-</span><span class="invisible">unicoin</span></a></p><p>Siehe auch Empfehlung vom <a href="https://digitalcourage.social/tags/ccc" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ccc</span></a> :<br><a href="https://www.ccc.de/de/updates/2025/andere-dein-passwort-zum-letzten-mal" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">ccc.de/de/updates/2025/andere-</span><span class="invisible">dein-passwort-zum-letzten-mal</span></a></p><p>Dann scheint doch Passkey + PIN das aktuell empfehlenswerteste zu sein?<br>Da könnte/sollte im Artikel drauf hingewiesen werden? </p><p><a href="https://digitalcourage.social/tags/passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passkey</span></a> <a href="https://digitalcourage.social/tags/biometrie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>biometrie</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload