Either by sending a code to SMS or Email, you are able to sign into your account without ever needing to or being able to add a password. Why has this become a thing recently?
Either by sending a code to SMS or Email, you are able to sign into your account without ever needing to or being able to add a password. Why has this become a thing recently?
I’m paranoid so I view passkeys and similar streamlined login mechanisms as a way to make it easy for police to access your entire digital life once they unlock your phone.
This is why manufacturers started pushing biometric unlocking so hard. Once someone has access to your person and phone they no longer need PINs or passwords to gain access to everything.
If a service were going to passkeys for sake of law enforcement or works be so much easier for them to just comply with bypassing auth to access the user data altogether. Passkey implementations originally only supported very credible offline mechanisms and only relaxed those requirements when it became clear the vast majority of people couldn’t handle replacing their devices with passkeys.
For screen lock for the common person it was either that or nothing at all. So demanding a PIN only worked because most of the time the user didn’t have to deal with it owing to touching a fingerprint or face unlock.
People hate passwords and mitigate that aggravation by giving random Internet forum the same password as their bank account. I wouldn’t want to take user passwords because I know I have a much higher risk of a compromise somehow leading to compromise of actually important accounts elsewhere.
Most phone OSes now have a “lockdown mode” which temporarily disables biometric authentication until you use a PIN to unlock it.
For me, the lockdown mode is on the shutdown menu that you get of you hold the lock button for a few seconds. (I have stock android on Pixel 7). Alyernatively, I could hold the power button surreptitiously until the phone reboots, requiring my PIN to unlock it.