HACKER Q&A
📣 CGMthrowaway

What is a passkey and why is everybody asking for one lately?


As someone with unique passwords, 2FA, email aliases and a decent password manager, I see no real appeal to passkeys. If anything they seem less secure than what I have now. I understand how it's leaps and bounds better for people that have reused and simple passwords.

However, the "passkeys" branding is pretty much exclusively used for keys that sync, usually with the platform authenticator. Wouldn't that be kind of a big deal, if you were a tinfoil hatter? Am I missing anything?


  👤 runjake Accepted Answer ✓
Because Passkeys are considered more secure. They had a rough, confusing start but seem to be taking off.

I don't know your level of technical knowledge, but Passkeys are essentially a key pair (public/private) that follows the FIDO2/WebAuthn standard, similar to how PGP, SSH keys, or even website SSL keys work.

The difference here is the private key is stored in a Secure Enclave or a Trusted Platform Module (TPM) on your devices. The Secure Enclave/TPM are theoretically hardware-isolated so that even your OS can't directly access them (no DMA). Instead, you use a special authentication API to make the calls. Again, no direct memory access (unless an exploit is found. :-P)

Normally, you use biometrics or a PIN to provide user verification to the Secure Enclave/TPM, which unlocks access.

Here's how the flow works as I understand it:

1. You visit a website and try to login.

2. The server sends a randomized challenge string.

3. Your device's authenticator signs that challenge using the private key.

4. That signature gets sent back to the server.

5. The server verifies the signature using the public key it has on file.

Why Passkeys are cool:

- No shared secrets, so there's nothing on the server that's useful to steal.

- They're phishing resistant, the browser or whatever ensures the origin matches before allowing auth.

- No replay attacks because the server issues a new randomized challenge string every time.

- No cred stuffing because each passkey is unique to the service it's generated for.

This should all be correct to the best of my unexpert knowledge.


👤 kasey_junk
Your approach is not phishing resistant. Whether that trade-off is worth the centralization you are seeing is your choice. But the consensus view of the security community is that it's reasonably easy to get even sophisticated users' credentials via phishing.

👤 throw28158916
If you go to a website over https, your browser validates the certificate for that domain. Great. Now what if I told you it is possible to do this but in reverse? A web server can ask for a certificate from your web browser to validate your identity. So both ends know that the other is legitimate. Now the question is where to store that certificate? As a file on disk? Seems like a bad idea - too easy to steal. Instead of that we can store them in dedicated hardware like YubiKeys or a TPM module. And the great thing is they are resistant to phishing because certificates use mathematics and can not be fooled by a wrong URL in the browser address bar. So generally passkeys are just authentication using certificates.

(Although I recommend reading more about FIDO2 keys and webauthn instead of passkeys, because passkeys are one specific variant of FIDO2 webauthn + marketing around it.)