Are there any plans to support passkeys for forum login? Would really like to see it.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Passkeys
- Thread starter southerndoc
- Start date
- Sort by reaction score
Black_Mage
macrumors 6502
I'd prefer sign in with Apple, but since that's not happening a passkey would be nice.
Last edited:
We do have plans for passkey support. It requires upgrading our forum software, and we're in the process of testing our setup with it in a development environment and getting bugs ironed out. I don't have a time frame for deployment, but it's definitely in the works.
I see no advantage of passkeys. It is no faster than passwords with autofill and if you have two factor enabled you must still go through that authentication.
maflynn
macrumors Broadwell
Agreed, and then there's sites like amazon that nags me about the passkey.
I use a password manager with complex passwords, I don't see any advantage
If you research how passkeys work, you'll grow to prefer them. They are more secure.
maflynn
macrumors Broadwell
Even then, proper cryptographic challenge-response should be fundamentally more secure than sending plain text passwords. OK, those are always going over https: these days, but https is a steel door on a tent thanks to its weak identity verification. Plus, you have no way of knowing that the server isn't just storing your plain text password, or even bothering to check more than the first 8 characters...
Also, beware the "works for me" factor: lost of people out there don't "use a password manager with complex passwords" - and (implemented properly) passkeys will be vastly better than "pa$$word4" for such users. Likewise, passkeys can't be "phished" - and even if you are savvy enough to avoid that, many users aren't.
Of course, the problem is the transition - the advantage of passkeys doesn't really cut in until they completely replace passwords. As long as it's "Whups, the passkey didn't work, please enter your password" you're still trusting your password to https and however the server stores it, and the phishable will still be phished.
Well, yeah, that's the whole point of two factor authentication.
maflynn
macrumors Broadwell
If Passkeys are implented correctly, you don't need 2FA. If I log into PayPal with my passkey, that's all I need. If I use the username and password option, I need to use 2FA to complete the login.
Anonymous Freak
macrumors 603
Passkeys are assumed to have MFA as part of them - when you use a passkey on an iPhone, it will use FaceID to unlock the passkey. That's the second-factor.
Apparently not. You said you don't see any advantage to them compared to using complex passwords with a password manager. If you truly understood how passkeys worked, their advantages would be obvious.
And why use passkeys for mac rumors? If my account is hacked, I just create a new account. All websites are not equal and I prefer to use faceId through apps on sites that matter.
Anonymous Freak
macrumors 603
Passkeys can be optional. You don't have to use them. The ask is to make them an option for people who want to use them.
maflynn
macrumors Broadwell
So it seems if I have a dissenting opinion, then I must be ignorant of the wonderful advantages of passkeys? Is that it?
Sorry to burst your bubble but I’m familiar with them, I know the advantages and disadvantages. I made an informed decision
I know it’s shocking but one can have a different opinion
If your account gets hacked then please contact us rather than creating a new account. Multiple accounts are not permitted.
With today's forum upgrade, passkeys should now be available. Let us know if you have any issues.
johannnn
macrumors 68030
I'm new to passkeys. But does that mean that its now possible to remove your regular password login? Since passkeys are assumed to be more secure. Like can Macumors remove the password entry from my username? Or will Apple's Passwords.app now have 2 entries for Macumors, one for password and one for passkey?
Here is my Playstation login in the Passwords app. It shows both the old password and the Passkey all in one entry.
Howard2k
macrumors 604
Yep. I still have a password as well as a passkey.
Through single-factor authentication I need to know either. Through multi-factor authentication I need both.
But if my passkey is stored on my laptop along with my password, as shown above, it's a trivial login process even with both credentials being validated.
Some places let you remove your password, but MR does not do that (yet).
Through single-factor authentication I need to know either. Through multi-factor authentication I need both.
But if my passkey is stored on my laptop along with my password, as shown above, it's a trivial login process even with both credentials being validated.
Some places let you remove your password, but MR does not do that (yet).
I'm sure eventually many websites will migrate to passkey only. For now, most websites require both. If you don't have your passkey handy, then you login with username/password + 2FA. If you have the passkey, then that's all you need to login... no 2FA. All my passkeys are synchronized with Bitwarden so I can use it on multiple devices.
Glad to see the option for Passkeys. I like passkeys when I’m logging on to an account from a non-Apple device, like from my Steam Deck
Black_Mage
macrumors 6502
There should have been an announcement on the front page. This is awesome news. I just set up passkey and it works great.