this post was submitted on 22 Dec 2025
101 points (91.1% liked)

Technology

77899 readers
2569 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
101
What is a Passkey? - Computerphile (www.youtube.com)
submitted 1 day ago by AcesFullOfKings@feddit.uk to c/technology@lemmy.world
41 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] EncryptKeeper@lemmy.world 3 points 17 hours ago (1 children)

Complex how exactly?

[–] hperrin@lemmy.ca 1 points 16 hours ago (1 children)

Here, these specs are what they’re based on:

https://passkeys.dev/docs/reference/specs/

[–] EncryptKeeper@lemmy.world 2 points 15 hours ago (1 children)

Right but what about it do you think is complex?

[–] hperrin@lemmy.ca 1 points 9 hours ago* (last edited 9 hours ago)

A number of things. The key is stored on and accessed by a separate coprocessor from the CPU, so the CPU doesn’t even know the private key. That takes its own protocol, over i2c, usb, Bluetooth, etc. Then the browser has to coordinate that protocol to communicate with the web protocol from the frontend JS. There’s also the concept of server verification, so it’s a more complicated handshake than just one signature going one way. Then, of course, there’s the inherent complexity of public key cryptography in general, but you only need to worry about that if you’re writing it from scratch with no library.

From a basic web dev perspective, it’s not much more complex than a password, but that’s because the complexity of the protocols is hidden behind the libraries. A password actually isn’t complex, even when you remove the libraries.

(The private key does not have to live in a separate coprocessor, but that’s the most secure method, and the one covered by the protocol.)