I recently learned about passkeys which are a way to sign into an account without a username and password. Instead, your device has a key file that you unlock with some biometrics like your thumbprint and the site will log you in. I thought it was cool but then I learned Firefox is one of the only browsers that doesn’t support passkeys.
yeah mozilla are opposed to the current suggested implementation. it’s massively flawed and only well-defined for the happy path. if you want to know what i mean, try switching phones.
They do support hardware keys like Yubikeys though, and password managers like Bitwarden can also provide passkeys to websites upon request.
They’d have to improve the password storage mecanism to ensure they securely store the passkeys if they’re going to let users sync them accross sessions.
This works on Windows and Mac Firefox, you’ll get a prompt from the operating system to enter your credentials (e.g. PIN, biometrics) and it will save or retrieve the passkey.
The Apple implementation is poor and relies solely on having an iCloud account, which if it is disabled by enterprise policy means you needlessly cannot use the feature.
I recently learned about passkeys which are a way to sign into an account without a username and password. Instead, your device has a key file that you unlock with some biometrics like your thumbprint and the site will log you in. I thought it was cool but then I learned Firefox is one of the only browsers that doesn’t support passkeys.
yeah mozilla are opposed to the current suggested implementation. it’s massively flawed and only well-defined for the happy path. if you want to know what i mean, try switching phones.
Yeah, unless they can be transferred freely between password managers they’re effectively a useless non-starter that multiplies vendor lock in.
They do support hardware keys like Yubikeys though, and password managers like Bitwarden can also provide passkeys to websites upon request.
They’d have to improve the password storage mecanism to ensure they securely store the passkeys if they’re going to let users sync them accross sessions.
This works on Windows and Mac Firefox, you’ll get a prompt from the operating system to enter your credentials (e.g. PIN, biometrics) and it will save or retrieve the passkey.
The Apple implementation is poor and relies solely on having an iCloud account, which if it is disabled by enterprise policy means you needlessly cannot use the feature.