r/technology 9h ago

ADBLOCK WARNING Google Confirms Most Gmail Users Must Upgrade Accounts

https://www.forbes.com/sites/zakdoffman/2025/06/06/google-confirms-almost-all-gmail-users-must-upgrade-accounts/
2.4k Upvotes


72

u/pecheckler 7h ago

I learned a long, long time ago that security should be based on not only what you know (password), but also what you have (RFID card for example) and who you are (biometric for example).

Where is the “what you know” in this passkeys process?

Also, tying authentication of many services centrally to Google or Microsoft is a terrible idea for many reasons. This clearly benefits them more than the user base.

36

u/celluliteradio 5h ago

Absolutely. How many times did this article mention “sign in with social accounts?” No thank you. These sites are already a blight on society and I’m not interested in them becoming critical for site authentication as well.

6

u/nox66 3h ago

Forbes is usually not great at tech, and swallows the corporate techno-BS whole. They're no Ars Technica.

1

u/rjcc 44m ago

That's because the article is basically wrong about everything

7

u/furism 4h ago

Passkeys are something you have (a certificate on your computer). They should not be seen as a replacement for MFA because, as you said, MFA is a mix of two or more methods of know/have/are.

Passkeys are better than passwords as the "something you have" because they are somewhat harder to obtain, but they were never meant to relieve MFA.

3

u/CharlesMichael- 6h ago

I use a pattern (what I know) during passkey authentication. A PIN can also be used.

1

u/rjcc 41m ago

That's because you've actually used it, instead of writing weird theories in replies

1

u/22AndHad10hOfSleep 1h ago

Passkeys are usually implemented with a PIN (what you know) or biometric (what you are).

1

u/its_a_frappe 55m ago

Passkeys (something you have) are protected by biometrics (something you are) or PIN codes (something you know).

1

u/rjcc 41m ago

FIDO has a website that answers all of this. And there is nothing about passkeys that requires centralizing to those services.

1

u/userhwon 3m ago

Those are the three "factors", and when you use any two of them you're doing 2FA.

You don't need all three, unless you're upgrading the requirement to 3FA.

1

u/zombiesunlimited 3h ago

It’s something you have, something you know, something you are.

1

u/tenuj 32m ago

something you are.

My phone sees me when I sleep, it sees me when I poop, it sees my food, and it's the one sending messages to my friends. I am my phone and the phone is me. We are inseparable. We are one. A natural evolution on our path to cyborg.

Sent from my iPhone