- cross-posted to:
- technology@lemmit.online
- cross-posted to:
- technology@lemmit.online
“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.
Never forget that technologically speaking you’re nothing like the average user. Only 1 in 3 users use password managers. Most people just remember 1 password and use it everywhere (or some other similarly weak setup).
Not remembering passwords is a huge boon for most users, and passkeys are a very simple and secure way of handling it.
I work for multiple organizations. The majority of which have a Google sheet with their passwords in that are
Those that aren’t are
Exactly.
At one point the organization I work for had a password that was literally
Password-022!
, guess what it was the following month?I had to start hashing passwords and sending it to the haveibeenpwned API.
I also fight with my users over data normalization because any time I add some rule (like don’t put “SO#” as part of the value of the “SO#” field), they’re too stupid to realize the point and find some other “hack” around it.