thus rendering them redundant, because their strength is being bound to a single physical device. if they’re portable, they’re as good as asymmetric key pairs.
Their strength is being half a cryptographic key, not that they’re device bound.
That was a “requirement” that big tech wanted, to force you to be dependent on TPM storage, so you’d be forced to use a Trusted™ device and OS. It was made optional after pushback from basically everyone else.
Password managers support Passkeys now. Bitwarden and KeePassX among others.
As long as I trust that my password manager is secure, and as long as I use a strong master password or (better) have a hardware key to unlock it, it is way more secure than a password, and I can still install Linux without losing my logins.
KeepassXC supports passkeys as well.
i’m assuming most people will use the default, which will probably be google lock in anyway.
thus rendering them redundant, because their strength is being bound to a single physical device. if they’re portable, they’re as good as asymmetric key pairs.
Their strength is being half a cryptographic key, not that they’re device bound.
That was a “requirement” that big tech wanted, to force you to be dependent on TPM storage, so you’d be forced to use a Trusted™ device and OS. It was made optional after pushback from basically everyone else.
Password managers support Passkeys now. Bitwarden and KeePassX among others.
As long as I trust that my password manager is secure, and as long as I use a strong master password or (better) have a hardware key to unlock it, it is way more secure than a password, and I can still install Linux without losing my logins.