<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="moz-cite-prefix">On 4/19/25 1:27 PM, Theodore Ts'o
wrote:<br>
</div>
<blockquote type="cite" cite="mid:20250419172759.GA210438@mit.edu">
<pre class="moz-quote-pre" wrap="">A great solution to this is Fido 2 with hardware authentication and
passkeys.</pre>
</blockquote>
<p>Passkeys are heading for some difficult growing pains.</p>
<p>To oversimplify, we don't trust users to choose good passwords,
not recycle passwords, and not be fooled into handing them over to
the wrong folk, so Passkeys take over those tasks, keep the user
from having direct access to the passwords, squirrel them away in
a vague but supposedly safe place, and dole them out as needed and
only as needed. This works well in simple cases, but what happens
when the user wants access to the same passkeys from some subset
of: his/her personal Linux box running Firefox, Windows laptop from
work running whatever MS does these days, iPad, and Android phone,
etc.? It turns into a cross-ecosystem, online, password manager,
that <b>damn</b> is complicated, not at all clear to the user
what is going on, and, by the way, hasn't been built yet.</p>
<p>Replacing passwords is a bit like generating electricity from
fusion, an appealing idea, but really hard. Possibly even harder*.<br>
</p>
<p><br>
</p>
<p>-kb, the Kent who has a lot of respect for traditional passwords.</p>
<p><br>
</p>
<p>* How could fusion be easier? One key reason is because we are
allowed to train the operators of the power plants! But there is
an Accepted Truth that we are not allowed to teach the user
anything! Not even cautionary tales along the lines of <i>Little
Red Riding Hood</i>, because that would be blaming the user. No,
we need a purely technical solution. To the age-old problem of
humans finding tricks by which to defraud other humans. Good luck.<br>
</p>
</body>
</html>