This video demonstrates the process of adding a passkey to your PieFed account and then using the passkey to log in securely and quickly.
Firefox’s support for passkeys is a bit lacking, especially on Linux, so this seems to work best on Chrome(ium) at the moment.
What are passkeys? Read on…
Passkeys are a passwordless authentication method for logging into websites and apps. Traditional username and password logins are vulnerable to phishing, reuse, and data breaches. Even two-factor authentication (2FA), which often relies on insecure or inconvenient methods like SMS codes or ever-changing numbers has its flaws. Passkeys eliminate these issues by removing the need to remember or type passwords altogether.
Passkeys are stored securely on your device and verified using biometrics or a device PIN, making them both more user-friendly and significantly more resistant to phishing, credential stuffing, and other common attacks. This makes passkeys a safer and more seamless alternative to traditional login systems. On Mac and Windows passkeys can be synched via the cloud, making logging in from multiple devices easier.
Is it possible to require a passkey for login, or is it currently an alternative to the traditional user name and password login? If not, is that a future goal? I’ve never used passkeys, just trying to understand the end goal, presumably you want to replace username and password with passkeys eventually, otherwise you’re not really making login more secure.
It’s an alternative and will remain one for a long time. Browser & OS support needs to mature before we could even think about making it a hard requirement.
At present I expect only instance admins would be interested in passkeys.
Over time if adoption and viability increases we might want to make passkeys more prominent, include the creation of the passkey as a step in the onboarding process, make email-based 2FA compulsory for every login when people use the old username+password method and various UI nudges to get people moving in the ‘right’ direction. But all that feels like a long way off at the moment.