Passkeys replace passwords with encrypted key pairs that can’t be phished or leaked. Learn how FIDO2 and WebAuthn work, their pros and flaws.

Passkeys are built on the FIDO2 standard (CTAP2 + WebAuthn standards). They remove the shared secret, stop phishing at the source, and make credential-stuffing useless.

But adoption is still low, and interoperability between Apple, Google, and Microsoft isn’t seamless.

I broke down how passkeys work, their strengths, and what’s still missing

  • andyburke@fedia.io
    62·
    3 hours ago

    security parity is a password manager + 2fa generated on-device

    This experience works perfectly for me. I have no need of whatever junk the latest consortium of megacorps has come up with.

    🤷‍♂️