"What is that? An umbrella? Are you afraid of a little rain? Are you gay? What's the umbrella for, so you can stick it up your ass?"

I'm ripping off Bill Burr here. Macho men are drooling morons who die at age 54. Why ask them their opinion on anything?

I'm not against passkeys. They have some real advantages. And I understand more than you think.

My comment is primarily about the preferred ecosystems that tend to come along with these newer solutions (like Apple's iCloud or Google's Password Manager) and how the corporations take advantage of user laziness and bandwagon jumping.

They may not force you to be exclusive with them, but they definitely want you to be. And over time they will likely make it more and more inconvenient not to be locked in with them.

For contrast, I use BitWarden for password management and Bitwarden Authenticator for TOTP (and I keep safe copies of TOTP secret keys elsewhere). This is a generic open-standards-first approach to things, with relatively easy recovery should you lose something. You can export your passwords. You have copies of your secret keys. You are in no way locked in to BitWarden forever.

Passkeys can also work within that type of operational framework! Like TOTP which normally uses RFC6238, Passkeys tend to use CTAP or WebAuthn. All of the above are open standards. And this is a good thing!

But do you really think Apple, Google, Microsoft, etc, want to play nice long term? Hopefully they will. But I have also run into evil nonsense like LastPass, which even though they also used open standards, their software would not allow you to do simple things like recover your own secret keys, export your data, etc. (Not to mention the embarrassing security breach they had and the wretched response, the main reasons to dump them).

While I am not directly comparing an idiot company like GoTo Tech with Apple et al, they all have the same types of big brain MBA types working for them who love to constantly brainstorm new ideas on how to screw the users over by taking features away and calling it a "software upgrade".

So, passkeys as a security mechanism: sure, this gets my vote. But trusting the big corporations not to change the rules on us later....come on, get real. They love limiting or removing portability and recovery options whenever they can.

Bottom line: don't assume passkeys are inherently good or bad. It's simply a security standard that can work well if implemented correctly. Passkeys make logging in easier. But will they also make recovery / export / migration easier....? Because if it's not easy, people won't do it.

Whenever I read an article about security (and read the comments, even here on Lemmy) I'm constantly frustrated and depressed by a couple of things.

1. Corporations making things shittier with the intention of locking customers in to their stupid proprietary ecosystem. And of course, they are always seeking more data harvesting. Security itself is way down the list of their priories, if it's even there at all.

2. Users being lazy trend-followers who quickly sacrifice their security on the altar of convenience and whatever shiny new FOMO thing is offered up for "better security".

It's a very bad combination. Doing security right is a bit inconvenient (which users hate) and expensive (which corporations hate).

Like a lot of folks, I use and recommend Bitwarden for passwords management. Their Authenticator app is really good for mobile TOTP, too.

I assume it's c) other: You're trying to keep lemmies talking, which is appreciated. 🙂

The Dude abides.

In addition to "Survival Mode" I've also heard this called "Crisis Management". Not sure if that's what you were looking for.

Streamlight makes some simple on/off models. Like the Streamlight Microstream 66323. Very bright for its small size.

And all things Meta.

When I had to flash my BIOS and pray that it didn't brick my PC I cursed them, saying "Fuck Intel, I hope their stock plummets!"

You're welcome everyone.

I am hoping (probably naively so) that lemmy's stock of technical answers will continue to grow and eventually become a half decent archive for people to search for potential solutions.

I like being able to check how busy a place is, but not like this. Simple head count or an average wait time is good. Using web cams is creepy overkill. Typical tech bro invasive shit.