Recently, the W3C finalized their Candidate Recommendation for the Web Authentication Standard, a new browser feature that allows sites to request user authentication through a standardized API. Im...
I haven't tried it yet because I haven't been using passkeys, since it wasn't implemented in KeePassXC, but now that it is I will try it on some page which implements it. I just need to figure out who implements it. I think none of the Fediverse services do yet.
"Added passkey support, allowing the browser extensions to store and use your passkeys, make sure the extension is updated to version 2023.10.0 or newer for passkey support."
Instead of having a secret that both you and the server share (a password), only you have the secret. Basically, what happens is that the server sends a message to your device, encrypted, that says, "If you are the person, please give me back this code unencrypted," and then it gives a code, for example. Your device decrypts that using the secret that you keep and then tells the server the code, and the only way to have gotten that code is for you to have successfully decrypted the message the server sent.
By doing it this way, if the server is ever compromised, it contains no secrets for your account that a hacker could brute-force.