![](/style/images/good.png)
![](/style/images/bad.png)
iOS 17 and macOS Sonoma Automatically Generates Apple ID Passkeys - Slashdot
source link: https://apple.slashdot.org/story/23/06/20/1559245/ios-17-and-macos-sonoma-automatically-generates-apple-id-passkeys
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
iOS 17 and macOS Sonoma Automatically Generates Apple ID Passkeys
Slashdot is powered by your submissions, so send in your scoop
binspamdupenotthebestofftopicslownewsdaystalestupid freshfunnyinsightfulinterestingmaybe offtopicflamebaittrollredundantoverrated insightfulinterestinginformativefunnyunderrated descriptive typodupeerror
Sign up for the Slashdot newsletter! or check out the new Slashdot job board to browse remote jobs or jobs in your area
-
›
Passwords can't die soon enough.
Once folks start getting used to passkey authentication, it'll get the rest of the industry moving.
This is one of those "we need big movers to move first instead of being fast followers" kind of things.
Let's do this.
-
No thanks. Still too many issues.
My work PC has the option disabled by the admins higher up than me, my home desktop doesn't even have the option for passkeys IIRC, and turning it on tanks the usability of the phone to unacceptable levels. -
I'm somewhat concerned about the SPoF this has potential to introduce: instead of a million different ways to store passwords, you're using a single repository backed/accessed via API. That will be a prominent target which will be difficult for hackers to ignore.
That said, it'll be a huge benefit to account security in general.
The ability to revoke keys would be crucial, as well. Hopefully that infrastructure becomes available soon.
-
The problem with passkeys is that only Apple has a complete ecosystem.
Biometrics on all their devices, check. Flexible secure processors on all their devices, check. Dedicated department for investigating requests for account recovery when all other options fall through, check. Rank amateurs as competition, check.
-
Agreed, but you have to start somewhere. It's a chicken/egg problem. May as well let the first mover get it right and set a good model to follow.
If we let the rank amateurs set the pace, we'll be stuck with this completely stupid "Remember a 36-character password with 4 symbols, 3 digits, at least two uppercase letter and two emojis" nonsense forever.
I'm over it.
I'm over passwords.
I'm over password keepers.
I'm over managing authorized_keys files.
I'm over all of it.-
AFAIK, you are just trading one random set of jibberish (password) for another (private key). The nice thing with passkeys is that you aren't giving the super secret to the web site to store; Rather, you are keeping the secrets close to the vest. But you still need to manage and store the secrets. Which, I think, means that a manager is still required.
-
-
-
-
Intel and AMD are the only ones who can implement passkeys securely on PCs due to lack of foresight of PC operating system developers. TPM is not enough, ME/PSP are needed too. Being forced to use your phone while Apple users can just use the single device they are working on would accelerate the deathmarch of everything non Apple in consumer electronics (and financial services and cars).
With Intel involved it might even be an open standard which allow passkey syncing between Microsoft and Google, instead o
-
1) Bad guy or collection of them who get your credit card info can buy an iPhone, iPad, or Mac, set it up (with reproducable facial disguise or fake fingerprint glove), and gain access to your accounts on all apple servers.
2) Cop or secret police of some tyrannical country arrests you with an iProduct on you, fingerprints you, 3-d prints or photo-etches and molds a fingertip glove or your print, and logs in with that, or with your picture, or by holding the iGadget up in front of you or running your finger
-
1. FaceID is not enough to get an Apple device associated with your Apple ID.
2. The only advantage for the current situation is that they need you temporarily alive to get the password.
3. They can do all that with your password too. The password has to go through an input device though, with passkey only user verification goes through an input device.
-
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK