We had originally planned to go all-in on passkeys for ONCE/Campfire, and we built the early authentication system entirely around that. It was not a simple setup! Handling passkeys properly is surprisingly complicated on the backend, but we got it done. Unfortunately, the user experience kinda sucked, so we ended up ripping it all out...
I always thought of passkeys as a convenient way to authenticate.
I am password-less on multiple services.
I have an authentication app on my phone that authenticate me when I am away of my computers. I have passkeys on my personal computer and another set of passkeys on my work laptop.
If I have to authenticate from your computer I simply use my auth app, click on “it’s a public computer” and I am good to go.
The dude discovered a butter knife and he tries to replace his spoon with it just to realize it doesn’t work well for eating a soup.
Do you add separate keys on every device?
If you do, how long does it take you to add a new device?
For example, when you login on Github, go in your settings, authentication & security on the left.
Click “add passkey”, enter your Windows Hello PIN, click save.
It will ask you to enter a name, so I go with ComputerName-GitHub
Click ok.
Done with this device.
How long does it take? Well, how fast can you do these steps?
This does not scale. I have 400 logins in my Bitwarden account right now.
Ok