![]() Please, if I am reading this wrong, feel free to tell where I got things wrong. This sounds like you can't use the private key in the Yubikey since you'd be sharing a private key across services. FIDO2’s public/private-key credential - one that can’t be reused, replayed, or shared across services Yubico also has a FAQ on passwordless logins here:įIDO2 is built on the work of FIDO U2F, the previous standard, and is based on public key cryptography. ![]() They’re different because Platform created passkeys will be copyable by default using the credentials for the underlying cloud account (plus maybe an additional password manager sync passphrase), whereas passkeys in YubiKeys are bound to the YubiKey’s physical hardware where they can’t be copied. ![]() We are evaluating increasing this in the future because of the likely increase in fully passwordless experiences across the web that require them. Currently, YubiKeys can store a maximum of 25 passkeys. They’re the same because YubiKeys have had the ability to create these passwordless enabled FIDO2 credentials (passkeys) since the YubiKey 5 Series became available in mid-2018. Q: How are passkeys different from YubiKeys? ![]() Yubico did a FAQ on passkeys here where they say that the Yubikey can support only 25 passkeys: People chime and say that resident keys are not required, and other people chime and say resident keys ARE required. ![]() I've posted this question on a few other forums, and it leads to the same confusion. Yubico support told me that FIDO2/CTAP2 is passwordless login and requires one of the 25 resident key slots. ![]()
0 Comments
Leave a Reply. |