• 0xD@infosec.pub
    link
    fedilink
    arrow-up
    2
    ·
    7 months ago

    You need to check out public key cryptography and digital signatures. Those are the basics of Fido.

    When the private key is bound to a device it is not possible to fake or steal it through conventional methods. Passwords are the weakest link and an easy target for attackers - passkeys basically solve that.

    User adoption depends on implementation, but everything is easier than remembering a secure password or using a password manager for most people. There needs to be an easy and secure way to distribute passkeys across devices, and any backup mechanisms may be a weak point. In any case: still better than passwords.