“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.

  • narc0tic_bird@lemm.ee
    link
    fedilink
    English
    arrow-up
    10
    ·
    1 month ago

    Usually just an option in addition to a password + MFA. Or they just replace the MFA option and still require a password. I even saw some variants where it replaced the password but still required a MFA code. It’s all over the place. Some providers artificially limit passkeys to certain (usually mobile) platforms.

    • Semperverus@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      30 days ago

      All of those options are to NIST-spec. MFA means multi-factor. It doesnt matter what they are as long as they are in different categories (something you know, something you have, something you are, etc: password, passkey, auth token, auth app, physical location, the network you are connected to). Two or more of these and you are set (though, location might be a weak factor).