That sounds great, but also isn't a solution for most people.
Brokkr
joined 2 years ago
It is not portable in the sense that you need bitwarden installed on the device you are trying to connect from.
Passwords can be plain text, which means I can copy, paste, and dictate them to a device that does not have additional software installed.
Not at all the same. I can type or dictate my passwords on any device with a keyboard. I am not reliant on an individual device continuing to work. In fact I could get all new devices tomorrow, with no access to any previous device, and log into all my accounts within minutes.
Passkeys do not allow, and specifically prevent, that.
They were surpassed by password managers and 2fa.
Oops, meant passkey manager, fixed it.
Sounds like a password manager would make that way easier. Changing your password would involve a few extra clicks. Also, you might want to check with your IT folks. Asking people to constantly change their password is a good way to weaken password strength. I don't use docusign, but there is probably a setting that they can change.
Sure, they probably work great when you have your *passkey manager on the device, but that's not when I need to have backup routes into my accounts. When using a new device, or someone else's, having even a complicated password that can be typed or copied-pasted has way more functionality.
As far a I can tell, using passkeys would only risk locking me out of my accounts. Everyone else is already effectively locked out.
While the lock-in issue is annoying and a good reason not to adopt these, the device failure issue is a tech killer. Especially when I can use a password manager. This means I can remember two passwords (email and password manager), make them secure, and then always recover all my accounts.
Passkeys are a technology that were surpassed 10 years before their introduction and I believe the only reason they are being pushed is because security people think they are cool and tech companies would be delighted to lock you into their system.
Other than being north Korean and using a fake identity, this sounds like the Key and Peele sketch when their plan to rob a bank involves getting jobs at the bank and collecting a salary, and then doing that for years. Full stop.
Learning how to do remote IT work seems like a good living for anyone with a decent internet connection.
It usually means that 300 people were involved in the project at different stages of its lifetime. It probably also includes the people involved in sourcing the material, tools, people, workspace, etc. That's probably 20 people who likely never touched the final product. There likely was also some marketing and business people involved. They did probably put hands on the final product for a photo op.
As an American, I think finding the dumbest of us would be hard given the amount of competition.
view more: next ›
Yes, you have to trust the company storing the passwords.
A good company can store passwords in ways that are secure to most hacking attempts. It isn't impossible to break the encryption typically used, but it is difficult enough that most thieves will not have the resources or time to make use of the data. They want the low effort password databases, not the difficult and expensive ones.