Casey Liss
👤 SpeakerAppearances Over Time
Podcast Appearances
Take control of your data and keep your private life private by signing up for Delete Me and now at a special discount for our listeners.
Get 20% off your Delete Me plan when you go to joindeleteme.com slash ATP and use promo code ATP at checkout.
The only way to get 20% off is to go to joindeleteme.com slash ATP and enter code ATP at checkout.
That's joindeleteme.com slash ATP, code ATP.
Thanks to Delete Me for sponsoring our show.
I have some thoughts, and then we'll kick it to John, who will have the right answers.
The way I've embraced PassKeys is...
when a website asks me hey you want to make a passkey it's much better blah blah blah um i will usually at that point say yes and do my fingerprint or whatever um i have also found that as i am still bouncing between apple password or apple passwords and one password um although more more one password these days since i'm still using chrome as my default desktop browser um
the way both of them handle pass keys is fine you know with apple you go to a website if it wants a pass key it'll show you the standard like touch id face id prompt and you you know you you do you authenticate that way and it gets you in with one password if you have the browser extension it just if it's if it's unlocked already it'll just show a little thing in the upper right corner and it's like you want to use the pass key click to log in you click to log in and it logs you in um
Both of those are fine.
The 1Password one is, I think, a little more convenient of just providing the security in a different way, but they're both fine.
My main issue with passkeys is that it's kind of like that old XKCD comic that's like, we have too many standards.
Here, I made a new standard.
From a technical and security perspective, they're amazing.
They're way better than everything we had before.
But from the actual user experience of using them in practice most of the time...
It's just another thing that gets added to the pile of things that we are supposed to keep track of and have in a password manager or something and try to share maybe with mixed success with family members or coworkers or whatever.
It can be done very well.
In an ideal implementation of passkeys, both on the platform side and on the website side, they're better than everything else.