Apple Aiming to Replace Passwords With New Passkey Feature

[MallardDuck]

Just curious why, not agreeing or disagreeing with you. They just recently joined the FIDO alliance per their blog:

We’ve joined the FIDO Alliance to build a better future for authentication | 1Password

1Password has joined the FIDO Alliance to help build safer, simpler, and faster login solutions for everyone.

blog.1password.com

Thanks for the link - was wondering about that. It'd provide a backup for the 'lost all devices' option if they can integrate it.

But...sigh....electron.....

 

[Deguello]

Unfortunately there are other ways to phish people without getting their passwords and they keep getting more sophisticated. If you haven’t watched Scammer Payback you should check it out.

True enough, but there’s only so much you can do so save people who go out and buy Walmart gift cards to “repay” an overly large “refund.” Or who let people take control of their computer to implement the refund.

 

[_Spinn_]

Seems like a good effort to improve security. Hopefully websites actually support this.

 

[zoomp]

Is it still very simple to change our Apple ID once gained access to the iPhone? That's the issue locally... thieves are constantly exploiting this when the devices is unlocked (like while talking). The only way to avoid this is activating screentime which is cumbersome.

 

[aParkerMusic]

So with iCloud even more Lock-in to Apple ecosystem.

If it provides value, convenience, and security, not really sure why anyone would be upset with “lock-in”. Apple provides package solutions, that’s their thing, their ecosystem. I don’t understand why people seem surprised or upset when the components of the ecosystem are designed to work well within as opposed to outside. It’s not a matter of “fairness”, it’s a matter of “what type of arrangement do you want?” If you like fragmented, go elsewhere, thats fine, there are great choices out there. If you want what Apple provides, go for it.

EDIT: Imagine downvoting “this is one option provided by a company that very deliberately says this is the kind of solution they provide, but there are lots of other great options out there if you like a different style. So, choose the one you want”. What is happening to people? lol Absolute insanity haha There are some tech-fanatics that will just complain anytime they think they can’t tinker and configure endlessly, as needless and inefficient as it might be. And they just refuse to go find the products that serve their needs instead of complaining about the ones that don’t. Truly bizarre. The thumbs dumb are giving me strength on this one, delicious.

 

[ignatius345]

There are unknowns about what happens to passkeys when transitioning away from Apple to another platform like Android, as Apple has not detailed what would happen in this situation.

Yup. This is where it gets very murky for me and feels like another way to lock users into their platform.

Passwords are a very minor PITA if you use a password manager. And a lot of the security risk is mitigated if you use two-factor authentication properly. I get that those are big "ifs" but I think I prefer to manage my own stuff for some semblance of ownership, versus handing over the keys to everything to one platform like Apple or Google.

 

[DotCom2]

This is interesting, and the FIDO design is compelling. The one question I haven't heard clearly answered is 'how do you recover if you lose *all* your devices?'

Most strong authentication systems break down when the fall back to a flimsier solution.

That is explained in the article if you read it closely again.

 

[ericwn]

Yeah 1Password is the antithesis of what FIDO is trying to accomplish.

As far as I know they are a member of that alliance.

 

[HobeSoundDarryl]

This is interesting, and the FIDO design is compelling. The one question I haven't heard clearly answered is 'how do you recover if you lose *all* your devices?'

You buy new devices. Is Apple geniu$$$ or what?

 

[ignatius345]

I don’t understand why people seem surprised or upset when the components of the ecosystem are designed to work well within as opposed to outside.

It's the "as opposed to outside" that's the issue. Why not both? Wherever possible they should be building on top of existing standards.

Wasn't that long ago you could use the messaging service of your choice in iChat, for example. Now it's evolved into Messages and we consider ourselves lucky it works with SMS. Not that Apple is the only culprit here -- every platform is closed and wants to lock you in. Net result, you get to hop between Messages, Whatsapp, Messenger... it's dumb and annoying and driven by "engagement" ($$$).

 

[The Barron]

1Password has been my "Go To" for years, so this needs to be at least, if not more, robust & secure "as all get out," as the saying goes. Conversely, I'll bet 1Password is in major scramble mode right now as they hurry to innovate a new version that will stay ahead of Apple.

 

[turbineseaplane]

1Password has been my "Go To" for years, so this needs to be at least, if not more, robust & secure "as all get out," as the saying goes. Conversely, I'll bet 1Password is in major scramble mode right now as they hurry to innovate a new version that will stay ahead of Apple.

Maybe - I don't know

As I've shopped around the last year, I've grown to appreciate what a good job 1P really does, especially if one has cross platform needs.

I'm personally really happy having dedicated companies for very important things.

I'm paid and very happy with Fastmail and 1P
(probably happier with FM than 1P overall)

Having my passwords/secure info tied to the whims of Apple and their software "quality" and lack of caring about integrations or cross platform -- just sounds awful to me personally

 

[jgbr]

No thanks, I'll keep my password thanks which I know works on any platform.

 

[canadianreader]

Big tech wants us to transition to passkey I guess it's good thing.

 

[turbineseaplane]

Big tech wants us to transition to passkey I guess it's good thing.

"Big tech wants" is rarely a "good thing" for the rest of us

 

[Lioness~]

I hope Apple make Passkeys 1Password unnecessary in the long run.
I am still on the non-subscription, and didn't like the subscription path.

Go Apple, make this really really good for us.

 

[canadianreader]

Passwordless Future. Nice!!! Not going to lie this does seem well encrypted and secured.

Something I don't quite understand. When it comes to privacy and user data like passwords usually Google and Microsoft have a bad reputation yet people seem to like their initiatives. I hope one day I'll understand this double think.

 

[Apple_Robert]

Passwords for websites will be required -for as long as you’re alive-.
There’s hundreds of millions of websites and most assuredly, a large percentage of them aren’t going to change their log in procedure.
Some will. A lot won’t.

It is a good feature but, as you say, the offerings will be slim at best for years to come. I don't see this becoming mainstream any time soon.

 

[Apple_Robert]

Something I don't quite understand. When it comes to privacy and user data like passwords usually Google and Microsoft have a bad reputation yet people seem to like their initiatives. I hope one day I'll understand this double think.

Because a lot of people like the syncing offered by Google and other tidbits that come with, even though they know the privacy stinks. I don't understand it, either.

 

[canadianreader]

"Big tech wants" is rarely a "good thing" for the rest of us

From what I'm reading in the comment section same people who usually distrust Google and Microsoft seem very happy with their passwordless solution. I guess deep inside they trust them.

 

[turbineseaplane]

I hope Apple make Passkeys 1Password unnecessary in the long run.
I am still on the non-subscription, and didn't like the subscription path.

Go Apple, make this really really good for us.

Apple is all about getting more folks locked into subscriptions = that is a huge push of theirs the last few years.

If they really make something as robust as 1P, you'll likely end up just paying a subscription fee to Apple instead.

 

[turbineseaplane]

From what I'm reading in the comment section

There's the first mistake ..

 

[citysnaps]

So with iCloud even more Lock-in to Apple ecosystem.

Go with SanyoCloud and find happiness?

 

[canadianreader]

There's the first mistake ..

It's some form of mild insanity isn't it. It's like saying I don't trust Google and I'll take their passwordless encryption.

 

[turbineseaplane]

It's some form of mild insanity isn't it. It's like saying I don't trust Google and I'll take their passwordless encryption.

It's a branch of why we need a lot of work on anti-trust in the USA

Folks need more options so they aren't beholden to using so many things from companies they may really not like on a lot of fronts --- simply because there are so few reasonable or realistic or actually great options to choose from.