惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Hacker News: Ask HN
Hacker News: Ask HN
WordPress大学
WordPress大学
H
Help Net Security
小众软件
小众软件
N
Netflix TechBlog - Medium
C
Check Point Blog
量子位
Last Week in AI
Last Week in AI
GbyAI
GbyAI
Martin Fowler
Martin Fowler
M
MIT News - Artificial intelligence
博客园 - 聂微东
Engineering at Meta
Engineering at Meta
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
J
Java Code Geeks
D
DataBreaches.Net
Project Zero
Project Zero
P
Proofpoint News Feed
T
Threat Research - Cisco Blogs
Security Latest
Security Latest
Cisco Talos Blog
Cisco Talos Blog
Recorded Future
Recorded Future
I
Intezer
L
Lohrmann on Cybersecurity
Cyberwarzone
Cyberwarzone
博客园_首页
C
Cyber Attacks, Cyber Crime and Cyber Security
L
LangChain Blog
P
Palo Alto Networks Blog
V
V2EX
D
Darknet – Hacking Tools, Hacker News & Cyber Security
T
The Exploit Database - CXSecurity.com
The Hacker News
The Hacker News
Blog — PlanetScale
Blog — PlanetScale
G
GRAHAM CLULEY
T
The Blog of Author Tim Ferriss
C
Cisco Blogs
The Register - Security
The Register - Security
L
LINUX DO - 热门话题
P
Privacy & Cybersecurity Law Blog
Scott Helme
Scott Helme
F
Full Disclosure
博客园 - 司徒正美
Recent Announcements
Recent Announcements
IT之家
IT之家
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Attack and Defense Labs
Attack and Defense Labs
Cloudbric
Cloudbric
Help Net Security
Help Net Security
The Last Watchdog
The Last Watchdog

Passkeys Developer Resources on passkeys.dev

Client Hints Related Origin Requests Bootstrapping Reauthentication Libraries Test Sites & Tools iOS & iPadOS Chrome OS Android macOS Windows Known Issues Specifications Terms About passkeys.dev Device Support Privacy Policy
What are passkeys?
2022-09-25 · via Passkeys Developer Resources on passkeys.dev

Passkeys are a replacement for passwords. A password is something that can be remembered and typed, and a passkey is a secret stored on one’s devices, unlocked with biometrics.

Passkeys are:  

Intuitive

Creating and using passkeys is as simple as consenting to save and use them. No having to create a password.

Automatically unique

By design, passkeys are unique per-service. There’s no chance to reuse them.

Breach-resistant

A passkey is only stored on a user’s devices. Relying Party (RP) servers store public keys. Even servers that assist in the syncing of passkeys across a user’s devices never have the ability to view or use the private keys for a user’s passkeys.

Phishing-resistant

Rather than trust being rooted in a human who has to verify they’re signing into the right website or app, browsers and operating systems enforce that passkeys are only ever used for the appropriate service.

The guidance on this site is currently targeted towards sites and services that are using either password only or password + OTP (SMS, app TOTP, app push, magic link) sign in flows. Future guidance will include more advanced and higher assurance scenarios.