Friday December 9, 2022; 2:18 PM EST
- I am starting to check out passkey, which as I understand it is an alternative to passwords that uses platform biometrics and keystores. One of the sites that supports it is BestBuy.com, for which I have an account. I have a Macbook and I have iPads that support passkey, so I went ahead and set it up my account to use it. #
- The first problem is that I can only use Safari to set up and use passkey because it uses iCloud Keychain to sync across Apple devices. So, this appears to me that I either can only use my passkey configuration with the Apple platform or I have to set up separate passkeys for every platform that I use. Right off the bat I can see this is way too much friction. #
- Right now I use a password manager that works for every platform that I use, so I use the password manager to create one password and then I can use that password whether I am using a Mac, Android phone, iPad, or Windows. Passkey is dead on arrival if it is not as simple to use as passwords. I must be missing something because I cannot understand how this can be seriously promoted. Passkeys appears to be developed for people who ONLY use one platform vendor and I am not one of those people.#
- Another test I tried is creating a passkey for Passkeys.io using ChromeOS and my Pixel 4a. First I tried creating a passkey from the Chromebook and while it prompted for my phone (a Pixel 4a) it didn't store the passkey on the phone, so in following attempts it would not work. It wasn't until I first went to the site using my Pixel 4a, created the passkey on the phone AND then tried logging in from my Chromebook that it worked. Again, way too many hoops and way too complicated. #
- Finally, I went to a Windows computer running Chrome opened passkeys.io and clicked Sign in with a passkey. I select the Pixel 4a and then got prompted to provide my finger scan after which it logged in. #
- Thought of one more test, which is signing in to BestBuy.com from ChromeOS. First, I signed in to the site using Chrome on the Pixel 4a and set up a passkey. Next I went to the site in Chrome OS but it doesn't seem to know about using the Pixel 4a for the biometric authentication and since the Pixelbook does not have it, it says flat out I can't use Passkey. #
- In another test I opened BestBuy.com in Chrome on a Windows PC that has its own biometric capability and as such it also refused to use the Pixel 4a. Apparently, I would have to create yet another passkey to log in with one on the Windows PC. Mind you, to do any of this set up you must initially create an account with an ID and password, so tell me again how any of this is better than a password manager and passwords? #
- So, from my experimentation it appears that only Apple has figured out a way to create for users to create a passkey from one device, like the Macbook, and then be able to use that same passkey across multiple devices like the iPad. For Google it appears that passkeys are specific to the device so it has to be created on the "authenticating device," in my case the Pixel 4a, first, and then can be used across platforms on which Chrome is running so long as the computer I am using does not have its own biometrics. What a mess!#