Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.social/users/gerowen/statuses/113844235584109175">Marcus (gerowen@mastodon.social)'s status on Wednesday, 29-Jan-2025 02:09:24 JST</a><a href="https://mastodon.social/@gerowen" title="gerowen@mastodon.social"><img src="https://gnusocial.jp/avatar/24923-48-20241121062705.webp" width="48" height="48" alt="Marcus" style="position: absolute; left: 0; top: 0;">Marcus</a></section><article><p>I haven't adopted <a href="https://mastodon.social/tags/PassKeys" rel="tag">#PassKeys</a> for my accounts because, as far as I can tell, there aren't really any options that let me own my private key and store it myself; they all depend on trusting somebody like Google, Meta or Apple to handle it for you, which completely defeats the purpose in my opinion.  Like <a href="https://mastodon.social/tags/PGP" rel="tag">#PGP</a> / <a href="https://mastodon.social/tags/GPG" rel="tag">#GPG</a>, I want to own the private key so I can manage it myself.  Trusting your PassKey to a third party app that's only on your phone introduces a single point of failure.</p><p><a href="https://mastodon.social/tags/Security" rel="tag">#Security</a> <a href="https://mastodon.social/tags/Privacy" rel="tag">#Privacy</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4465930#notice-8742181">In conversation</a><time datetime="2025-01-29T02:09:24+09:00" title="Wednesday, 29-Jan-2025 02:09:24 JST">about 3 days ago</time> <span>from <span><a href="https://mastodon.social/@gerowen/113844235584109175" rel="external" title="Sent from mastodon.social via ActivityPub">mastodon.social</a></span></span><a href="https://mastodon.social/@gerowen/113844235584109175">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/4036957">A screenshot of a message prompt I got when trying to set up a passkey with one of my online accounts.  It doesn't give me the private key to save into the app of my choice, it demands that I use the mobile app on a Google or Apple device to set up and use the passkey.</a></label><br><a href="https://files.mastodon.social/media_attachments/files/113/844/224/770/830/773/original/77a8e4435bc60df0.png" rel="external">https://files.mastodon.social/media_attachments/files/113/844/224/770/830/773/original/77a8e4435bc60df0.png</a></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/4036958">A screenshot of a message prompt I got when trying to set up a passkey with one of my online accounts.  It doesn't give me the private key to save into the app of my choice, it demands that I use the mobile app on a Google or Apple device to set up and use the passkey.</a></label><br><a href="https://files.mastodon.social/media_attachments/files/113/844/225/137/900/323/original/e20d6ee0cea73d3e.png" rel="external">https://files.mastodon.social/media_attachments/files/113/844/225/137/900/323/original/e20d6ee0cea73d3e.png</a></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Marcus (gerowen@mastodon.social)'s status on Wednesday, 29-Jan-2025 02:09:24 JST Marcus
I haven't adopted #PassKeys for my accounts because, as far as I can tell, there aren't really any options that let me own my private key and store it myself; they all depend on trusting somebody like Google, Meta or Apple to handle it for you, which completely defeats the purpose in my opinion. Like #PGP / #GPG, I want to own the private key so I can manage it myself. Trusting your PassKey to a third party app that's only on your phone introduces a single point of failure.
#Security #Privacy
In conversationabout 3 days ago from mastodon.socialpermalink
Attachments
1. A screenshot of a message prompt I got when trying to set up a passkey with one of my online accounts. It doesn't give me the private key to save into the app of my choice, it demands that I use the mobile app on a Google or Apple device to set up and use the passkey.
  https://files.mastodon.social/media_attachments/files/113/844/224/770/830/773/original/77a8e4435bc60df0.png
2. A screenshot of a message prompt I got when trying to set up a passkey with one of my online accounts. It doesn't give me the private key to save into the app of my choice, it demands that I use the mobile app on a Google or Apple device to set up and use the passkey.
  https://files.mastodon.social/media_attachments/files/113/844/225/137/900/323/original/e20d6ee0cea73d3e.png

Public

Embed Notice

HTML Code

Corresponding Notice