You will use the biometrics cuck

I don't understand. A few years ago i remember when you tried to use biometrics on your phone they would specifically warn you that it's not as secure as a password/pin. In fact I still think Android will only let you use biometrics if you have a pin. With that in mind, why are they trying to force this, especially when it requires a phone with fingerprint reader or a camera, which may not be available on every device you're trying to sign in on.

>>105620957
its like how on the early internet, they'd tell you never to use your real name or reveal too much information about yourself, but then once the banks took over, every website wants your id and ss# and much more. security take a back seat to moneyed interests

>>105620957
Biometrics are inexact, which means that no key material can be derived from them. That's why a password is still required to unlock and decrypt your device storage on startup. Biometrics are also not legally protected, so if the feds want to use it to unlock your device, they can. Passwords are legally protected though.

>>105620606 (OP)
>passkey
>biometrics
not mutually exclusive

This device has no biometrics and stores up to 100 passkeys.

>>105620957
Fednaggers. It makes their job easier when they attempt to assault you without cause.

>>105621049
>break or lose your yubikey
>locked out of every account you ever had
>yubikey gets stolen
>now said person has access to all your accounts
epic

>>105620957
>they would specifically warn you that it's not as secure as a password/pin
Sounds pretty retarded, since you can't copy a fingerprint or a face scan, at least easily. Meanwhile anyone can copy a numerical PIN by just peering over your shoulder in the bus.

>>105621074
>>break or lose your yubikey
>>locked out of every account you ever had
Never forgotten a password before?

>>105621082
Yes, but the great thing about passwords is they can be recovered or reset to your email. Passkeys and MFA almost never can without many phone calls and praying you get a retarded indian that does a reset on the account

>>105620606 (OP)
Good

>>105620606 (OP)
>Passwords are legally protected though.
Depends on the country. Here in France, they can put you in prison for up to 5 years if a judge asks for your password and you refuse to give it to them.

>>105621049
>stores up to 100 passkeys
so I need 10 of those to keep all my accounts save? PASS!(keys (lol))

>>105621283
You have 1000 accounts that need passkeys? I hardly believe that.

>>105620606 (OP)
Passkeys have no requirement to be secured with biometrics you stupid nigger. A yubikey or similar fulfills the requirement just fine.

>>105621308
You don't?

>>105621091
backup devices. You can also just stick the passkey in keepass and back that up.

>>105621372
your BLACKED.com account doesn't need a passkey, anon.

>>105620606 (OP)
>company making thing wouldn't mind other companies being pushy about thing
shocking

>>105621275
your honor, of course my password is and has always been "judgelebaguettesucksdongs1234ohoho", what, it doesn't work? the fa- i mean, officers must have damaged the device somehow, what a shame!

>>105621074
>>yubikey gets stolen
>>now said person has access to all your accounts
You can add a PIN code to your Yubikey.

>>105621283
If you wanna get a Yubikey, yes. I imagine Yubico is gonna add support for more in the future, since I think the older Yubikeys had support for like 20 passkeys (even though they weren't called "passkeys" back then).

>>105621523
1Password is still mostly a password manager, not a passkey repository.

>>105622083
>You can add a PIN code to your Yubikey.

>get passkeys/token to replace password/pin
>protect them with a password/pin

>>105620957
>In fact I still think Android will only let you use biometrics if you have a pin
do you understand what factors are

>>105620606 (OP)
>guy who sells thing wants companies to mandate thing
oh wow, no shit

>>105620606 (OP)
>billions must verify

>>105621049
why the fuck would this save only 100 passkeys? do they put like literal kilobytes of flash memory on them? what?

>>105621017
>Passwords are legally protected though.
In theUS, but not in yurop and other dictatorships

>>105620606 (OP)
>business wouldn't mind external push to acquire new clients
Shocker.

>started making a KeepAssDX file
>try the extra hardware file login
>don't feel comfortable with having to use a file that I can lose etc
>return to just password login
>doesn't feel any different than having a Google Notes file with the passwords
Should I keep using KeepAssDX? Is it a good app?

>>105623037
It's an encrypted database. It works great so long as you don't install a keylogger or something. Generally what you should be doing is storing copies of the database somewhere; What I do is I have the master copy on a webdav share (owned by me of course) that I can access from any device and it all stays synced. Then that master copy is backed up regularly off-site.

>>105621074
that's why I only use it for 2FA
fuck passkeys

>>105622953
>do they put like literal kilobytes of flash memory on them?
no, they put kilobytes of secure memory on them.
https://en.wikipedia.org/wiki/Secure_element

>>105622338
>>get passkeys/token to replace password/pin
>>protect them with a password/pin
And how do you phish a passcode?

>>105621074
>he doesn't know he can upload the same GPG sub-keys to multiple YubiKeys
Lol, lmao even.

>>105623226
>GPG
It's not 2005 anymore

>>105622996
Europoorean here. In my cuntry (Pooland) and a few other places here there really isnt a law that would force you to reveal your passwords. Ofcourse some countries like UK do that, so you should be carefull where you travel, ideally dont take any devices on which you hold any sensitive data. If your case is very serious here, they might try to push so-called "extraction arrest" which is illegal practice used by lawyers to abuse their power and held someone in custody for above-average time to force him into cooperation, but it doesnt happen to often, I used to know people who "pretended" that they forgot passwords to their drives and got away with it, but don't take those examples as any form of affirmation though.

>>105623250
Are you implying there's a workable alternative?

Age is not there yet, too many usability issues. For one, GPG and Age agents are incompatible with one another, so you can't gradually migrate, you'd have to move everything to Age to make it work properly.

>>105620606 (OP)
Looks like I moved away from corpo shit at the right time. Suck for all you other consumer cucks.

>>105623276
What do you need to do that you can't do with well designed tools?

>>105620606 (OP)
Nah, I don't like your attitude. So I won't use them.

Your shitty attitude is one of the reasons I still use X.org and it's why I don't use systemd or rust.

>>105623292
Like what? There's nothing else.

>>105623302
What do you mean?
You can use age for encryption. If you need to sign shit, use minisign.
The web of trust is complete garbage.
What am I missing that can only be done by gpg?

>>105623342
Commit signing.

Also, as I said, i wouldn't mind age if the agents were compatible, but they are not.

>>105623439
https://docs.sigstore.dev/cosign/signing/gitsign/

>>105623512
>https://docs.sigstore.dev/cosign/signing/gitsign/
Ugh, yet another tool. I'd rather just replace gpg with age, but signing on github requires keys with touch, and i relly don't feel like touching the yubikey every time I commit. It's a pain.

>>105621052
this. when everything is a hardware key or fingerprint they can force it out of you.

>>105623061
I have the file in my documents on the phone and Google drive.
So the file is encrypted. It's not just a doc with password login. That's something.

>>105620606 (OP)
I don't even know what a passkey is.

>>105622996
Dutchman here. You cannot be compelled to reveal a password. https://lawfox.nl/blog/vingerafdruk-ontgrendeling/

They've been fear mongering about passwords not being good enough on TV and FM radio for about a year now. I try not to listen to the propaganda broadcast but I can't help overhearing it from time to time.

The end goal is to have everyone logged in the Government's database with a federal ID. Which you'll need to access anything including the internet. It's why they've been working over time to make it so older devices (pre-2015 or so) obsolete. They don't want you to be able to access the internet and interact with other people even thought they're all backdoor'd and botnet. It isn't about tracking at this point they've had that going for a long time now. It's about preventing access all together. Since they know no matter how hard they shit the place up with bots/shills there are many people that won't buy in to the daily propaganda. Same play book as always. It's why they always have controlled op e-celebs squatting on every niche.

Anytime they're shilling something as "security" it's always about control+power for them. I had hundreds of old gmail accounts I've used for all sorts of things over the years. Mainly burner accounts for signing up to forums and services that don't exist anymore. They're slowly locking me out of them one by one. Since I refuse to give them a cell phone number. They claim the password is no longer good enough and the passwords I've used (no matter how long and complicated) aren't strong enough. They never cared about security. They just don't want people to be able to participate without having your full dox. Since IP+cookies aren't a total guarantee that it's the person in the database logged under those using the device at any given time.

Normalfags will fall for it of course. They always do. They'd sell their soul just to have access to endless scrolling, porn and websites that feed their own opinions back to them.

It's all a slow march to the social credit system and full dystopia.

>>105620606 (OP)
passkeys aren't related to biometrics

>>105626922
Retard

>>105626935
Retard

>>105626841
Yeah they're moving towards a social-ID internet system like china where you have to use your mobile phone number (tied to your identity in the system) to access anything. I think they'll use anti-bot as the final push and the very last captcha will be a valid mobile phone number that's tied to your identity.

>>105628502
They've already effectively done this if you want to use anything that normalfags use. Impossible to use things like twitter, facebook and the rest of the social media cancer "platforms" they're on without the sim card. Even the stuff that LARPs are free speech/alt-right/whatever usually won't let you lurk without that. Or they'll let you lurk but constantly nag you to sign up and log-in to do things like read the comments.

They've been promoting the
>bots spreading disinformation
stuff hard at all the events they go to lately. Like the yearly circlejerks where the richfags get together and pretend like they're giving speeches to each other instead of reading prepared statements. They push the same talking points over and over again. Which boil down to
>we need to dox people to stop <other country> bots from spreading disinformation
>we need to dox everyone to prevent them from saying mean things on the internet
>only cowards hide behind a screen name everyone should use their real name
>it isn't really censorship because these are private companies doing the censorship

Same lies we've been hearing for years at this point. They've already locked in the normalfag's internet down hard in the last decade. Just compare how things are now to how they were in the early-mid 2010s. Can't shitpost and spread information to social media anymore. Now they flood all the real channels with screenshots of cancer from social media and expect >us to react to >them. Used to be the other way around. Used to be >we could unearth some dirt and spread it to social media with burner accounts and (they) were forced to damage control through MSM. Now they don't even bother with damage control at all. They just spread bold faced lies and say anything that is truth is "disinformation". It's really fucked.

>>105628817
And since you're here, you couldn't possibly want to use any of these, right anon?

>>105628826
>responds before I even get halfway through reading my own post
Totally organic reply from real human. Not bot reacting to the names of platforms I used in my post. No sir.

>>105620606 (OP)
Nah I will not.
But keep trying, I love seeing tech companies struggling to make useless tech work and trying to push it to everyone.

>>105628832
This isn't reddit, I stopped reading after your first sentence because I don't want any more brain damage than that. Now go back.

>>105620606 (OP)
Rather use biometrics than outdated security protocols like passwords and database managers

>>105629065
Your fault for being retarded and using a manager

>>105629065
I don't understand why people keep significant amounts of money in crypto. Unless it's dirty money.
At some point you have to shift things over to less risky assets.

>>105620606 (OP)
No.

>>105621389
So basically I need to buy 2 yubikeys for $65 each. Nice try pushing your chink shit. Nobody will ever do that.

>>105620606 (OP)
there is literally nothing in the passkey spec that links it to biometrics, thats just what the companies slap on top. use keepass, it supports passkeys

>>105620957
This is a CEO from a software company selling a specific service saying that he wants big companies to treat his service as mandatory. What's so surprising here? That this particular guy wants money?

>>105620606 (OP)
There is a limitation of passkeys in practical usage scenarios where shared access to a single account is needed (e.g., family subscriptions or shared services). While passkeys are more secure, they are not yet a full replacement for password-based sharing in such contexts.

>>105626841
the porn bans are another angle of this.
Of course porn is satanic and should be banned, but since when has the government ever given a shit about your welfare? It's purely to get people to submit documents for internet access.

>>105631829
>Porn should be banned.
No it should not.

>>105631829
>Of course porn is satanic and should be banned
Pornography is not satanic because heaven and hell are fictitious and giving the government more power and influence destroys people. There are important lessons you should understand for why limiting government is crucial.

>>105629423
Do you also only have a single key to your house because spare keys cost?

Don't you guys have fingerprints?

>>105632144
Except you don't NEED a key to every online account. A password suffices and you know that you colossal faggot. The same can't be said for a house.

>>105628817
it starts with the small things, first its taboo stuff like loli, even though the fags rarely if ever raid other boards since theyre glad theyve been given a platform to engage in, then more censorship rolls in to protect "kids" in the internet while we all know who hold all the pizza databases to flood anon's home if he doesnt comply. then shit like NZ happens and you see stuff like
>cripple-chan being deplatformed
>anons losing cohesion as every single attempt at resurrecting it through things like webring get taken down through their "tools"
>/pol/biwan kenobi got killed off and now the board is but a husk of its former self
>most oldfags are either confined to the mailing lists, IRCs or herded back here since every single half-chan competitor that was relevant go taken down.
>we've lost the power to influence normalfags through shitposting and power memes

2019/2020 was the order 66 of imageboards.

only solution is to fight back or fuck off to the sky with the animu girls and blackjack.