• 4am@lemm.ee
      20 hours ago

      Yeah, I don’t think it’s the only password manager that allows passkeys either. Plus, they’re more secure by design; the website never has to store anything that can be reversed to allow access. Bitwarden even lets you store multiple passkeys per site.

      I do hate how it’s promoted as “locked to your device” though, but I imagine that’s because (unfortunately) password managers aren’t used by a majority of users.

        • WhatAmLemmy@lemmy.world
          2 hours ago

          It’s not. There is almost zero security improvement between a passkey and a randomly generated password + 2FA.

          The only concern is if you’re dumb enough to give away your password, or not activate 2FA on critical accounts.

          • Having seen the number of people still keeping their passwords on sticky notes/on random scraps of paper/in the notepad.app on their phone/PC when there’s literally a built-in biometrically secure app on the same device – yeah, passkeys are safer for the *average person* for this alone. It forces you to use what you could already be using to store passwords in the first place. It also cuts down on tech-supporting the users that bork their profiles/lose their passwords/devices, as we can verify manually and send an updated passkey out. From there, they can just save however they wish.

            Not only do I have to support these kinds of users, I also have to log into no less than 3 machines with several realms of security at any given moment. Passkeys have turned the 10-minute first-login-of-the-day ritual into a 1-minute speedrun of me clicking “Use this Passkey” or scanning the QR code/tapping the notification on my phone.

            Bonus: My passwords don’t expire now because they didn’t get used in the first place.