• jatone@lemmy.dbzer0.com
    3 days ago

    because it's also the most convenient and people are stupid and incapable of handling authenticator apps. plus auth apps are a maintenance burden between phone switching. overall 2fa was a poorly thought out concept to begin with from an end-user perspective.

    honestly the whole concept of modern 2FA is retarded when you can essentially get the same thing from ssh keys with passwords. (👋 @ passkeys which are basically that renamed)

    • otp@sh.itjust.works
      3 days ago

      I understand SSH keys with passwords, but I don’t understand passkeys yet because most of what I’ve read has been layman explanations of them.

      Since you made the comparison, could you explain what passkeys actually are, or point me to a decent source that’ll explain it not like I’m 5? Lol

      • jatone@lemmy.dbzer0.com
        2 days ago

        SSH keys are public and private keys that you can use to sign and verify messages back and forth. passkeys are literally the same thing. the only difference is passkeys are unique per site and you store them in an encrypted file that you only need a single password to access, vs. an SSH key, where the passwords are per key pair.

        essentially the passkey is used to sign a bit of metadata and then the service verifies that metadata matches the user via the public key on file in their system. but otherwise they’re functionally the same thing as ssh keys.
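
The sign-and-verify exchange described in the comment above, as an added example that is not part of the original thread. It is a simplified model rather than the WebAuthn wire format; the `Authenticator` and `Service` classes and the `example.test` style site names used with them are assumptions made for illustration.

```javascript
// Simplified passkey model. Real WebAuthn signs authenticatorData plus a
// hash of clientDataJSON; this keeps only the idea from the thread.
const crypto = require('node:crypto');

// Authenticator side: one key pair per site; private keys never leave it.
class Authenticator {
  constructor() { this.keys = new Map(); }
  register(site) {
    const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
    this.keys.set(site, privateKey);
    return publicKey; // only the public half is handed to the site
  }
  sign(site, challenge) {
    const key = this.keys.get(site);
    if (!key) throw new Error(`no passkey for ${site}`);
    // The signed "metadata": which site is asking and its one-time challenge.
    const signedData = Buffer.from(JSON.stringify({ site, challenge }));
    return { signedData, signature: crypto.sign(null, signedData, key) };
  }
}

// Service side: keeps the public key on file, issues challenges, verifies.
class Service {
  constructor(site) {
    this.site = site;
    this.users = new Map();   // user -> public key
    this.pending = new Set(); // challenges issued and not yet used
  }
  enroll(user, publicKey) { this.users.set(user, publicKey); }
  newChallenge() {
    const challenge = crypto.randomBytes(16).toString('hex');
    this.pending.add(challenge);
    return challenge;
  }
  verify(user, { signedData, signature }) {
    const publicKey = this.users.get(user);
    if (!publicKey) return false;
    let meta;
    try { meta = JSON.parse(signedData.toString()); } catch { return false; }
    if (meta.site !== this.site) return false;          // signed for another site
    if (!this.pending.has(meta.challenge)) return false; // unknown or replayed
    if (!crypto.verify(null, signedData, publicKey, signature)) return false;
    this.pending.delete(meta.challenge);                 // single use
    return true;
  }
}
```

Because the site name is inside the signed data and each site has its own key, a response produced for one site is useless at another, and a captured response cannot be replayed once its challenge is consumed.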