Gawd sometimes I hate passkeys.
-
Gawd sometimes I hate passkeys.
I have to deal with some fairly old people - people who have lost much of their vision and who have never been particularly technically minded.
The modern race-to-lock-everything has moved a lot of services (such as outlook) to move to passkeys.
That's nice - unless one is trying to deal with problems for an old person who is 800 miles away.
It appears that many of these services treat having a passkey as a one-way ratchet. Once someone (me) has set up a passkey (limited to my computer and phone) then the service switches to demand a passkey rather than the password to get in - but the old person's phone/computer does not have the passkey nor knows how to use it even if they did.
Our present Internet - largely programmed by young people with tech knowledge and good eyesight - is becoming increasingly hard to use by older people while things (like medical services) increase security that these people do not know how to use and can't be managed remotely.
@karlauerbach We're not quite that old or technologically infirm, but a woman of a certain age told me just yesterday that she really really disliked the 2-factor authentication that kept constantly (in her mind) requiring her to find her cell phone and copy over a 6 digit number "just to get into a website."
-
@karlauerbach passkeys are the only phishing-resistant multifactor authentication method, so their use is indicated everywhere
they are also incredibly brittle and probably shouldn't be used for any account that doesn't have professional support behind it.
@airshipper I personally like passkeys and use 'em when I can.
My complaint is that so much of our modern world is made by young people who have no experience with what happens as people age (and die) and the tasks that many of us have to undertake to support aging people on that journey.
I was particularly outraged how hard it was to sign into the outlook email account of one aging person. My computer/phone had a valid passkey, but that person's devices did not, so they wanted to use their old (and still valid) password. Outlook was like a ratchet - it said "oh you have a passkey, if you want to use a password - well you now have to jump through several badly labeled hoops that you won't understand."
And this was to allow them to sign into their health care service to fetch a 2FA email.
As a future executor of various estates I now know that upon their death the first thing I do is grab their cell phone (I have the login) and keep it powered on.
-
@karlauerbach We're not quite that old or technologically infirm, but a woman of a certain age told me just yesterday that she really really disliked the 2-factor authentication that kept constantly (in her mind) requiring her to find her cell phone and copy over a 6 digit number "just to get into a website."
@Bodling Yes, that aspect of 2FA really annoys me as well (that's one reason that I, being somewhat of a techie, like passkeys).
I find it useful that Apple has hacked MacOs to copy 2FA values out of text messages, paste 'em into to web forms, and then delete the text message.
-
@karlauerbach We're not quite that old or technologically infirm, but a woman of a certain age told me just yesterday that she really really disliked the 2-factor authentication that kept constantly (in her mind) requiring her to find her cell phone and copy over a 6 digit number "just to get into a website."
@Bodling @karlauerbach I also know such people.
-
System shared this topic
-
@Bodling @karlauerbach I also know such people.
@rodneylives @Bodling I suspect that many of us know several people who, either through age or physical or mental issues, have trouble with technological change.
And it is likely that many of us will have similar issues as we age.
Some will write off these people - saying that they are too old and out of touch to deserve a say in our politics or social policies - but I say the opposite: that these people often bring a great deal of practical experience that is little known (or unknown) to younger people. Indeed one could (but I won't) posit the contrary argument, that younger people do not have the experience and judgement to participate in elections. (Yes, that would be very wrong, extremely offensive to and dismissive of our younger citizens; I am merely stating it to demonstrate that there could arguments at both ends of the age spectrum.)
-
Gawd sometimes I hate passkeys.
I have to deal with some fairly old people - people who have lost much of their vision and who have never been particularly technically minded.
The modern race-to-lock-everything has moved a lot of services (such as outlook) to move to passkeys.
That's nice - unless one is trying to deal with problems for an old person who is 800 miles away.
It appears that many of these services treat having a passkey as a one-way ratchet. Once someone (me) has set up a passkey (limited to my computer and phone) then the service switches to demand a passkey rather than the password to get in - but the old person's phone/computer does not have the passkey nor knows how to use it even if they did.
Our present Internet - largely programmed by young people with tech knowledge and good eyesight - is becoming increasingly hard to use by older people while things (like medical services) increase security that these people do not know how to use and can't be managed remotely.
@karlauerbach I am constantly sayig "It isn't you. They are changing things and making it harder."
-
Gawd sometimes I hate passkeys.
I have to deal with some fairly old people - people who have lost much of their vision and who have never been particularly technically minded.
The modern race-to-lock-everything has moved a lot of services (such as outlook) to move to passkeys.
That's nice - unless one is trying to deal with problems for an old person who is 800 miles away.
It appears that many of these services treat having a passkey as a one-way ratchet. Once someone (me) has set up a passkey (limited to my computer and phone) then the service switches to demand a passkey rather than the password to get in - but the old person's phone/computer does not have the passkey nor knows how to use it even if they did.
Our present Internet - largely programmed by young people with tech knowledge and good eyesight - is becoming increasingly hard to use by older people while things (like medical services) increase security that these people do not know how to use and can't be managed remotely.
@karlauerbach it's me, I'm the old person who hates passkeys
-
Gawd sometimes I hate passkeys.
I have to deal with some fairly old people - people who have lost much of their vision and who have never been particularly technically minded.
The modern race-to-lock-everything has moved a lot of services (such as outlook) to move to passkeys.
That's nice - unless one is trying to deal with problems for an old person who is 800 miles away.
It appears that many of these services treat having a passkey as a one-way ratchet. Once someone (me) has set up a passkey (limited to my computer and phone) then the service switches to demand a passkey rather than the password to get in - but the old person's phone/computer does not have the passkey nor knows how to use it even if they did.
Our present Internet - largely programmed by young people with tech knowledge and good eyesight - is becoming increasingly hard to use by older people while things (like medical services) increase security that these people do not know how to use and can't be managed remotely.
I didn't know about the ratchet effect of passkeys.
-
I didn't know about the ratchet effect of passkeys.
@BillySmith The ratchet effect is not a property of passkeys themselves, but rather of the implementation of websites and network services that are thinking "passwords are weak and we must coerce people into switching".
-
Gawd sometimes I hate passkeys.
I have to deal with some fairly old people - people who have lost much of their vision and who have never been particularly technically minded.
The modern race-to-lock-everything has moved a lot of services (such as outlook) to move to passkeys.
That's nice - unless one is trying to deal with problems for an old person who is 800 miles away.
It appears that many of these services treat having a passkey as a one-way ratchet. Once someone (me) has set up a passkey (limited to my computer and phone) then the service switches to demand a passkey rather than the password to get in - but the old person's phone/computer does not have the passkey nor knows how to use it even if they did.
Our present Internet - largely programmed by young people with tech knowledge and good eyesight - is becoming increasingly hard to use by older people while things (like medical services) increase security that these people do not know how to use and can't be managed remotely.
@karlauerbach One of my parents has arthritis in their hands, and putting in a rotating passkey in 30 seconds is genuinely difficult for them some days. It makes them panic, and they just want to go back to using passwords with no time limit.
-
@karlauerbach One of my parents has arthritis in their hands, and putting in a rotating passkey in 30 seconds is genuinely difficult for them some days. It makes them panic, and they just want to go back to using passwords with no time limit.
@GamesMissed Ah, you have the timeout issue with Authenticator tools that I have - For some reason I can't remember number sequences accurately, so I am at a disadvantage with my bank-supplied RSA widgets (or things like the Google Authenticator app) to get the numbers transferred in the time window. I usually wait until a new time cycle begins, and a new number appears, before attempting it.)
(And yes, arthritis is quite a barrier - I can't really hold a pen, or always accurately use a touch screen, and I have trouble shaping my fingers to form chords on a guitar or mandolin.)
I try to do most financial things through a single desktop computer rather than trying to use a small screen mobile phone. That way I get bigger screens and a real keyboard.
And I sincerely detest websites that have turned on "Do not allow paste" into password fields. That seems such a stupid thing to do. (Consequently I have "Don't F**k With Paste" plugins turned on.)
-
@Bodling Yes, that aspect of 2FA really annoys me as well (that's one reason that I, being somewhat of a techie, like passkeys).
I find it useful that Apple has hacked MacOs to copy 2FA values out of text messages, paste 'em into to web forms, and then delete the text message.
@karlauerbach @Bodling As a younger person, I also love Apple for doing that. It makes 2FA bearable, so long as it’s my phone that I need the code for.
-
Gawd sometimes I hate passkeys.
I have to deal with some fairly old people - people who have lost much of their vision and who have never been particularly technically minded.
The modern race-to-lock-everything has moved a lot of services (such as outlook) to move to passkeys.
That's nice - unless one is trying to deal with problems for an old person who is 800 miles away.
It appears that many of these services treat having a passkey as a one-way ratchet. Once someone (me) has set up a passkey (limited to my computer and phone) then the service switches to demand a passkey rather than the password to get in - but the old person's phone/computer does not have the passkey nor knows how to use it even if they did.
Our present Internet - largely programmed by young people with tech knowledge and good eyesight - is becoming increasingly hard to use by older people while things (like medical services) increase security that these people do not know how to use and can't be managed remotely.
That's not all. I get the distinct feeling that most young people programming for the web have no idea how to do user interface design.
And change is constant. Nothing stays stable beyond the current release. One small example: The search icon moved from the top of my Android to the bottom but then you fill it in at the top. Great.
-
@enthusiast101 I am finding that MacOS and web browsers are annoyingly aggressive about capturing and replaying login names/keys. In today's mess MacOS, Safari, and Firefox were always trying to pop up my passkeys when I was trying to replicate the old person's password-based login.)
-
@airshipper I personally like passkeys and use 'em when I can.
My complaint is that so much of our modern world is made by young people who have no experience with what happens as people age (and die) and the tasks that many of us have to undertake to support aging people on that journey.
I was particularly outraged how hard it was to sign into the outlook email account of one aging person. My computer/phone had a valid passkey, but that person's devices did not, so they wanted to use their old (and still valid) password. Outlook was like a ratchet - it said "oh you have a passkey, if you want to use a password - well you now have to jump through several badly labeled hoops that you won't understand."
And this was to allow them to sign into their health care service to fetch a 2FA email.
As a future executor of various estates I now know that upon their death the first thing I do is grab their cell phone (I have the login) and keep it powered on.
@karlauerbach @airshipper I'm 76. Not particularly tech savvy. I refuse to use Outlook for anything because it was such a fucking mess 15 years ago when I had to use it for work. I also routinely refuse to use passkeys for anything.
-
That's not all. I get the distinct feeling that most young people programming for the web have no idea how to do user interface design.
And change is constant. Nothing stays stable beyond the current release. One small example: The search icon moved from the top of my Android to the bottom but then you fill it in at the top. Great.
@TooMuchCoffee User interface design is really hard to do well.
I've been in test cockpits in aircraft that were built to try out various pilot interface designs. And even then they sometimes make serious mistakes - look at the fate of the 737 Max or the easily mistaken engine fuel cutoff switch on early 767's.
One of the worst is Tesla's madness to turn everything into a touch on a touch screen.
My mother has bad vision so she prefers white on black - Apple blew that horribly on iPhones by simply reversing the color palette mapping - so even the icons and photos were shown in negative form. And with large fonts (that she needs) things no longer fit onto the iPhone screen and slop into never-never land.
Apple ought to know better - and they are improving - but it is clear that their priorities do not include aging people.
-
@enthusiast101 I agree with you that Linux is much better at this stuff than Mac OS (I don't use Windoz enough to have an opinion there.)
(I mostly use Linux/KDE and Freebsd for my main work, but for utility stuff, especially video work, I use MacOS.)
(I won't use Chrome out of principle.)
-
@TooMuchCoffee User interface design is really hard to do well.
I've been in test cockpits in aircraft that were built to try out various pilot interface designs. And even then they sometimes make serious mistakes - look at the fate of the 737 Max or the easily mistaken engine fuel cutoff switch on early 767's.
One of the worst is Tesla's madness to turn everything into a touch on a touch screen.
My mother has bad vision so she prefers white on black - Apple blew that horribly on iPhones by simply reversing the color palette mapping - so even the icons and photos were shown in negative form. And with large fonts (that she needs) things no longer fit onto the iPhone screen and slop into never-never land.
Apple ought to know better - and they are improving - but it is clear that their priorities do not include aging people.
The 737 Max is an even worse evil. They wrote into the requirements that there would be no new training for MCAS.
So they changed the airplane behavior and did not tell the pilots.
-
The 737 Max is an even worse evil. They wrote into the requirements that there would be no new training for MCAS.
So they changed the airplane behavior and did not tell the pilots.
I forgot to add: they did the no new training requirement because airlines were complaining that it would cost $1M per pilot.
Those were the days when the CEO was a Jack Welch protege, who ran things from a spreadsheet and worried about cost more than safety.
-
Gawd sometimes I hate passkeys.
I have to deal with some fairly old people - people who have lost much of their vision and who have never been particularly technically minded.
The modern race-to-lock-everything has moved a lot of services (such as outlook) to move to passkeys.
That's nice - unless one is trying to deal with problems for an old person who is 800 miles away.
It appears that many of these services treat having a passkey as a one-way ratchet. Once someone (me) has set up a passkey (limited to my computer and phone) then the service switches to demand a passkey rather than the password to get in - but the old person's phone/computer does not have the passkey nor knows how to use it even if they did.
Our present Internet - largely programmed by young people with tech knowledge and good eyesight - is becoming increasingly hard to use by older people while things (like medical services) increase security that these people do not know how to use and can't be managed remotely.
@karlauerbach My favourite is biometric (as in, checked online) authentication for banks. Both my parents have had their accounts erased because they can't port to the shiny new smartphone based app, which means something as simple as a balance check requires a trip to the physical branch...
