• infeeeee@lemm.ee
    link
    fedilink
    English
    arrow-up
    29
    arrow-down
    1
    ·
    1 month ago

    There was a related news recently, that bitwarden and other pw managers will be able to sync passkeys between devices. Won’t that solve these issues?

    • uiiiq@lemm.ee
      link
      fedilink
      English
      arrow-up
      33
      arrow-down
      1
      ·
      1 month ago

      My thoughts exactly. I use Bitwarden and passkeys sync flawlessly between my devices. Password managers tied to a a device or ecosystem are stupid and people shouldn’t use them. This is true whether you use passwords or passkeys.

      That said, we cannot blame users for bad UX that some platforms and some devs provide.

      • Tetsuo@jlai.lu
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        1
        ·
        30 days ago

        Isn’t your password manager tied to an ecosystem with Bitwarden ?

        I’m surprised people trust third parties to hold their passwords.

        Wasn’t there multiple password managers that got powned over the years ?

        If you can sync Passwords you are also more exposed than some unhandy secure local password storage.

        • 4am@lemm.ee
          link
          fedilink
          English
          arrow-up
          7
          ·
          30 days ago

          Wasn’t there multiple password managers that got powned over the years ?

          Pretty much only LastPass

        • uiiiq@lemm.ee
          link
          fedilink
          English
          arrow-up
          4
          ·
          30 days ago

          I can use bitwarden on Windows, Linux, Mac, iOS, Android, on desktop app or using CLI. That’s a stark difference in comparison with built in Microsoft or Apple keychains. And yes, I trust Bitwarden.

      • iopq@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        6
        ·
        1 month ago

        Bitwarden is not usable on Linux desktop, keeps asking for password. The password can’t be too short, so it takes some time to type it in. I turn off my computer when it’s not needed, so I would just need to type in the password when I turn it on again.

        Anyone have a better solution?

    • hummingbird@lemmy.world
      link
      fedilink
      English
      arrow-up
      14
      ·
      edit-2
      1 month ago

      Not in all situations. And in a way a user will not be aware of. The service or website can define what type of passkey is allowed (based in attestation). You may not be able to acutally use your “movable” keys because someone else decided so. You will not notice this until you actually face such a service. And when that happens, you can be sure that the average user will not understand what ia going on. Not all passkeys are equal, but that fact is hidden from the user.

    • exu@feditown.comOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 month ago

      I remain hopeful. Initially, when Keypass wanted to include a simple export option there was talk of banning them from using Passkeys.

    • Rolling Resistance@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      30 days ago

      It does*.

      However when I’m trying to login with a passkey in my mobile browser, Bitwarden prompt isn’t showing up. I don’t know what’s wrong.

      • JohnWorks@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        3
        ·
        30 days ago

        If you’re using Android it’s more than likely just an OS issue. I have had a lot of issues on my phone trying to use passkeys let alone just the password manager.

        • mysticalone@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          30 days ago

          One of many reasons I hate android. In my experience the integration with technology: late and poorly polished, early and kneecapped, initially available then removed, or non-existent.

          I think its partly the fragmentation in the Android community and mostly Google’s influence.

      • 4am@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        30 days ago

        That’s weird, it works for me. Is there something you need to click on the mobile site?

      • snowsuit2654@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        1
        ·
        30 days ago

        I’ve found on my android phone that the bitwarden prompt comes up more reliably if I tap on the password field instead of the username field.