We had originally planned to go all-in on passkeys for ONCE/Campfire, and we built the early authentication system entirely around that. It was not a simple setup! Handling passkeys properly is surprisingly complicated on the backend, but we got it done. Unfortunately, the user experience kinda sucked, so we ended up ripping it all out...
I use a password manager with passkey support and still disabled all my passkeys. The user experience for passkeys is so much worse even when support exists.
I’d like to hear more about the specifics if the issues you ran into. I keep delaying my options to start using passkeys because it’s a lot to take in at once and the only services implementing them seem to be the most important ones that I really don’t want to experiment with my ability to acess them. I haven’t even been looking at the details of each service’s implementation.
It’s a combination of issues. First is compatibility issues. Like logging in on mobile web or app with a passkey doesn’t reliably work for me. It might have been due to the password manager, but for some things the option wasn’t even there afaict. If I’m going to really switch to passkeys, I want it to work more reliably.
The second is usability. Passwords in a password manager are a 2 click entry on the username or password form field. Password managers have streamlined this system over the past decade.
Passkeys, ironically, required more steps when pulling from the password manager, including required clicks in less convenient places. I hope these types of issues get ironed out eventually.
When I was trying out passkeys, things allowed either passkey or password still. But yes, I think this need partially reduces the security benefit of passkeys.
I use a password manager with passkey support and still disabled all my passkeys. The user experience for passkeys is so much worse even when support exists.
Really? I just used a passkey for the very first time with Google and Bitwarden and it worked quite nicely. What about passkeys is worse for you?
Just answered in a reply to a different comment.
I’d like to hear more about the specifics if the issues you ran into. I keep delaying my options to start using passkeys because it’s a lot to take in at once and the only services implementing them seem to be the most important ones that I really don’t want to experiment with my ability to acess them. I haven’t even been looking at the details of each service’s implementation.
It’s a combination of issues. First is compatibility issues. Like logging in on mobile web or app with a passkey doesn’t reliably work for me. It might have been due to the password manager, but for some things the option wasn’t even there afaict. If I’m going to really switch to passkeys, I want it to work more reliably.
The second is usability. Passwords in a password manager are a 2 click entry on the username or password form field. Password managers have streamlined this system over the past decade.
Passkeys, ironically, required more steps when pulling from the password manager, including required clicks in less convenient places. I hope these types of issues get ironed out eventually.
Yeah, both feels like password manager issues. Which one do you use?
What’s the problem with combination of manager and passkeys?
How do you login from a device that doesn’t have Bitwarden on it if you have passkeys.
For example a friend’s computer etc
With a password I can type the 20 or so digits of the password. Can’t really be done with a passkey as far as I know
When I was trying out passkeys, things allowed either passkey or password still. But yes, I think this need partially reduces the security benefit of passkeys.