Want to Dive into Suicidal Disaster?
“What are passkeys? Google announces the end of passwords” https://uk.news.yahoo.com/passkeys-google-announces-end-passwords-164545614.html
A LinkedIn friend referred me to this anti-educational report.
It reads “What are passkeys? Google announces the end of passwords — From October 10, Google is pushing passkeys over passwords, making it easier for customer to log into their accounts using pin, face, or fingerprint authentication. Passkeys are 40 per cent faster than passwords but even more secure due to their reliance on a certain type of cryptography, Google account users will be prompted to create a passkey for their account by default”.
Eye-catching is that they seem to believe that they can know what is unknowable, say, they can compare the security effect of ‘what we remember’ and that of ‘what we possess’ on the same plane. How can we compare a cleverly produced strong password or an extremely silly password with an extremely foolishly deployed hardware or a cleverly deployed hardware?
Even more eye-catching is that they talk only about the security effect of ‘No-Password + Cryptography’ (A) as against ‘Password + Nothing’ (B), but escape talking about that of ‘Password + Cryptography’ ©, presumably because they know that it is logically impossible to assert that (A) is more secure than ©.
Also intriguing is that they treat ‘PIN’, which is a numbers-only low-entropy password, as something that does not belong to the password family. This could be called by ‘security by word’.
Their talk of biometrics is misguiding, too; This 2-minute video would smash their wrong perception of biometrics, straight away and forever — “Biometrics in Cyber Space” https://youtu.be/wuhB5vxKYlg
Curious to know more about this crucial issue? — Here is my latest post on this subject ‘Admin123’ as Top Security Threat — Wonder or No Wonder? (11Oct2023) https://www.linkedin.com/posts/hitoshikokumai_cisa-publishes-top-10-most-common-security-activity-7117715048738824192-H2Ao
/
