sonofearth

Cherry on top, the country is extremely tech illiterate and any form of protest will directly land you in prison on the grounds of terrorism w/o a fair trial.

Given the fact that India is the most polluted country in every single metric and one of the most corrupt, doesn’t make me think the generators they used were at all efficient lol.

No No! He is a non-biological being who is destined to save the country sent by shri ram himself! /s

We had a scam in our city where our electric buses were being charged by Diesel Generators.

Ironically, for me, Arch has been the “Just Works” Distro lol.

I set my mother up on my Vaultwarden instance and she uses it just fine w/o needing to configure anything other than me setting it as the Default Passkey Provider.

Didn't have to explain her anything other than telling her to scan her fingerprint when the prompt comes. 🤷🏻‍♂️

Glad I deleted my account.

… continues to make Play Integrity an integral part of Android and making all the stupid banking and govt apps requiring having it on your phone thus making it harder to de-google.

still no… fuck you.

That’s why it’s important to avoid vendor lock-in and use actual reputable password managers to secure your passkeys such as Bitwarden, 1Password, or KeePass. On Android 14+ and iOS, you can even set your preferred password manager as the default passkey provider.

If you don’t fully trust Bitwarden servers, you can self-host a Vaultwarden instance, which is compatible with Bitwarden clients. Alternatively, using a yubikey is also a great hardware based option. Just because Google & Microsoft are heavily promoting passkeys doesn’t mean they’re inherently bad.

Passkeys work flawlessly for me across platforms:

• Android 14–15 (except on Brave with de-Googled devices)
• iOS 17–26 (and likely beyond)
• Windows 11
• Linux; while it doesn’t have OS-level integration yet, passkeys work perfectly in modern browsers

Personally, I use passkeys everywhere. I host my own Vaultwarden instance to store all my passkeys, and for redundancy, I also keep separate ones in my Keepass database, which I use for TOTPs. My self-hosted stack is secured by Authentik, running completely passwordless and uses passkeys for authentication and other apps integrate via OAuth and Proxy Auth.

I still don’t quite understand the issue you mentioned with websites. Typically, the passkey mechanism is triggered directly by the browser or OS (if you’re on mobile). You’ll be prompted to either save a new passkey or sign in with an existing one. If your password manager is correctly set up as the default credential provider, it should work seamlessly. Even without a browser extension, most Chromium-based browsers let you scan a QR code with another device that has your passkeys or you can simply insert a yubikey to authenticate.

What infuriates me is that some services like Amazon use passkeys only as second factor and asks for an OTP anyways which defeats the whole purpose. But for services that do it right, passkeys works seamless!

What are using lol? I have never been asked to plug in my phone to a computer. I have use Bitwarden and KeepassXC and also used my phone to scan the QR in chromium browsers for passkeys and it just worked in all the browsers flawlessly (even ungoogled chromium). I just want Linux Distros to allow setup a default password manager for the user and implement passkeys auth mechanism for the apps installed in the device.

But what’s dystopian about passkeys? They are actually more secure than Password + TOTP. Phishing out a passkey is practically impossible.

I am not dependent on any ecosystem for passkeys. I have a self-hosted vaultwarden instance that works with Bitwarden clients. I create and store my passkeys over there primarily and in my keepass db (which I primarily use for TOTPs) for redundancy. So if either one gets compromised, I can just delete the passkey for the accounts involved in that database.