A new study reveals that passkeys—widely promoted as a safer login method compared with passwords—may unintentionally expose users to serious risks in situations involving interpersonal abuse. The research introduces the first framework for analyzing how digital authentication tools can be exploited in contexts such as intimate partner violence, elder abuse and human trafficking.
I’m disappointed(?) that this didn’t really have anything that seems to differ from password managers in general.
But that does not mean this study should be dismissed. Just because they didn’t find new and exciting ways to be horrible that aren’t analogous to passwords in password managers, it doesn’t mean it was worthless to look into it.
Also, if I’m wrong, and the situations described can’t just all have a password manager swapped in, then please correct me!
I guess if someone isn’t using a password manager, and is managing to remember all their passwords, or keep them safe in the physical world somehow, passkeys are worse.
I’m guessing they expect password managers to be protected by a master password, and passkeys to be freely available once you have (brief) access to the device?
I’m guessing in some abusive relationships the abused forces access to the password manager, so that wouldn’t be better.
Well yeah no password protects against a maniac with a wrench, but that’s not what this study is about