Passkeys: They're not perfect but they're getting better

lknuth 10/28/2025|

Speaking of passkeys, could they be used to authenticate to a local application - say for unlocking a password vault (perhaps through a Yubikey)?

dist-epoch 10/28/2025||

Probably not.

But YubiKey supports multiple protocols, one of them surely could work for your use case.

shortsunblack 10/29/2025|||

Yes. HMAC extension allows for this use case.

angry_octet 10/29/2025||

They could, it's just an API.

commandersaki 10/29/2025||

Passkeys are a convenient second form of authentication that goes overlooked when accounts are hacked.

vivzkestrel 10/29/2025||

if you really want passkeys to succeed why not implement it at the browser level. Basically everytime you visit a new website the browser has never seen before, the browser initiates a handshake of sorts with that website and secures a passkey for it which is stored. If the user wants to log in to that website, the browser can automatically patch in the details as and when required

smthglbert7 11/4/2025||

[dead]

hamonrye 10/29/2025||

[dead]

senin6588 10/29/2025||

[flagged]

taccal 10/29/2025||

[flagged]

donald6 11/3/2025||

[flagged]

eric1west 11/2/2025|

[flagged]