EmailDiscussions.com  

Go Back   EmailDiscussions.com > Email Service Provider-specific Forums > FastMail Forum
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read
Stay in touch wirelessly

FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc.

Reply
 
Thread Tools
Old 14 Aug 2024, 01:16 PM   #1
pjroutledge
Senior Member
 
Join Date: Jan 2010
Location: Melbourne, Oz
Posts: 144
Passkeys

Fastmail has apparently introduced passkeys in production.

I just successfully created a passkey.

But it doesn't seem to be possible to log in to Fastmail (the passkey is not recognised).

Don't delete your password yet!
pjroutledge is offline   Reply With Quote

Old 14 Aug 2024, 02:18 PM   #2
Fenman
Cornerstone of the Community
 
Join Date: Feb 2003
Location: UK (East Anglia)
Posts: 753
It just worked fine for me.

Edit: It made me wonder whether some ways work better than others. I'm using webmail Firefox and the passkey is stored in the Bitwarden addon. It's worked both in beta and production.

Last edited by Fenman : 14 Aug 2024 at 02:42 PM. Reason: Additonal info
Fenman is offline   Reply With Quote
Old 14 Aug 2024, 03:08 PM   #3
dryoldlime
Member
 
Join Date: Aug 2023
Posts: 84
I tried reading about Passkeys but still do not understand. Explain what and how you can.
dryoldlime is offline   Reply With Quote
Old 14 Aug 2024, 04:21 PM   #4
pjroutledge
Senior Member
 
Join Date: Jan 2010
Location: Melbourne, Oz
Posts: 144
I'm using a Firefox fork 'Floorp' and Bitwarden.

Earlier I got the message that the passkey wasn't recognised (can't remember exact wording).

Now I get "Could not connect to server." when using the passkey, but I can log on quickly and easily using my userid and password.

Teething problems, perhaps.
pjroutledge is offline   Reply With Quote
Old 14 Aug 2024, 09:27 PM   #5
JeremyNicoll
Cornerstone of the Community
 
Join Date: Dec 2017
Location: Scotland
Posts: 505
Quote:
Originally Posted by dryoldlime View Post
I tried reading about Passkeys but still do not understand. Explain what and how you can.
Assuming you read about it on the FM blog, tell us which bits (presumably some of the introduction, maybe the "why are they better" part) you DID understand, and where you begin not to understand.


Also, do you understand anything of how public key cryptography works?

See: https://en.wikipedia.org/wiki/Public-key_cryptography
JeremyNicoll is offline   Reply With Quote
Old 14 Aug 2024, 09:32 PM   #6
evfrson
Senior Member
 
Join Date: Oct 2015
Location: Singapore
Posts: 172
As far as I understand things, it seems you need very recent versions of operating systems (in the Apple ecosystem in particular) for passkeys to work.
Is this correct ?
evfrson is offline   Reply With Quote
Old 14 Aug 2024, 11:51 PM   #7
somdcomputerguy
Cornerstone of the Community
 
Join Date: Jun 2004
Location: Rupert, WV
Posts: 892
Quote:
Originally Posted by pjroutledge View Post
I'm using a Firefox fork 'Floorp' and Bitwarden.
I use floorp also, but as my 'main secondary' browser, the role of 'primary browser' is played by Pale Moon. I use KeePass, not Bitwarden to manage my passwords and other data.

- Bruce
somdcomputerguy is offline   Reply With Quote
Old 15 Aug 2024, 02:50 AM   #8
placebo
Cornerstone of the Community
 
Join Date: Jun 2004
Posts: 749
It worked for me using Safari and 1Password. I already had a passkey set up to be used as a security key for 2FA, so I had to remove that one from my account before creating the passkey for login.

When I created the passkey, 1Password replaced the old one I had stored. I logged out and then tried to log in again. I was prompted to use the passkey to log in to my account, and it let me right in.

ETA: I just verified that the passkey works in Firefox, Brave, and Arc as well.

Last edited by placebo : 15 Aug 2024 at 02:57 AM.
placebo is offline   Reply With Quote
Old 15 Aug 2024, 02:54 AM   #9
placebo
Cornerstone of the Community
 
Join Date: Jun 2004
Posts: 749
Quote:
Originally Posted by evfrson View Post
As far as I understand things, it seems you need very recent versions of operating systems (in the Apple ecosystem in particular) for passkeys to work.
Is this correct ?
I think this is true if you want OS-level support for passkeys, like being able to share passkeys between devices using iCloud Keychain. But if you use a password manager, like 1Password, which doesn't use iCloud for synchronizing, I expect you can use older versions of the operating system on which the password manager can run.
placebo is offline   Reply With Quote
Old 16 Aug 2024, 09:04 AM   #10
pjroutledge
Senior Member
 
Join Date: Jan 2010
Location: Melbourne, Oz
Posts: 144
Cool Working now

My Fastmail passkey (same one I created a few days ago) is working this morning.

Still using Floorp and Bitwarden.

Yay!
pjroutledge is offline   Reply With Quote
Old 16 Aug 2024, 12:27 PM   #11
easemail
Member
 
Join Date: Nov 2010
Posts: 79
Some more details about passkeys in the help file: https://www.fastmail.help/hc/en-us/a...44335-Passkeys

Passkeys seem like such a niche solution that it's hard to imagine wide adoption, but then again so did 2FA not that long ago either, and now that stuff is everywhere.
easemail is offline   Reply With Quote
Old 17 Aug 2024, 09:03 AM   #12
TenFour
Master of the @
 
Join Date: Feb 2017
Location: USA
Posts: 1,814
What I don't understand is why passkeys are supposedly more secure when you still have the option of using a username and password to login. Doesn't that mean that hackers can bypass the passkey and get in the old-fashioned way? I tried passkeys on several accounts, but they just seemed like a hassle with no additional benefits. In every case they were used as a possible 2FA factor but you still needed alternate methods of logging in or 2FA. Using Linux, I was never able to get Google to let me log in using just a passkey. Plus, more than once the passkey logins just failed.
TenFour is offline   Reply With Quote
Old 17 Aug 2024, 10:08 AM   #13
pjroutledge
Senior Member
 
Join Date: Jan 2010
Location: Melbourne, Oz
Posts: 144
Quote:
Originally Posted by TenFour View Post
What I don't understand is why passkeys are supposedly more secure when you still have the option of using a username and password to login. Doesn't that mean that hackers can bypass the passkey and get in the old-fashioned way?
Yes, it does.

The idea is that you should delete your username and password access, so that a passkey is your only option. Then your account is more secure.

But, of course, it would also mean that you are totally dependent on your passkey. No fall-back alternative if you lose it or corrupt it.

I feel more comfortable with a passkey and with a userid/password with 2FA as a backup.

I am inclined to think usernames and passwords are too well entrenched to be replaced by passkeys. I think passkeys would only take off if the big sites (Google, Microsoft, Apple, etc) enforce them.
pjroutledge is offline   Reply With Quote
Old 17 Aug 2024, 10:45 AM   #14
trikotret
Member
 
Join Date: Nov 2021
Posts: 80
Quote:
Originally Posted by pjroutledge View Post
Yes, it does.

The idea is that you should delete your username and password access, so that a passkey is your only option. Then your account is more secure.

But, of course, it would also mean that you are totally dependent on your passkey. No fall-back alternative if you lose it or corrupt it.

I feel more comfortable with a passkey and with a userid/password with 2FA as a backup.

I am inclined to think usernames and passwords are too well entrenched to be replaced by passkeys. I think passkeys would only take off if the big sites (Google, Microsoft, Apple, etc) enforce them.
Ya I am using passkey with Gmail and fastmail with my username/password as backup. The only reason I decided to use passkey with my emails, just incase I need to login on someone else's computer to access my email. Otherwise, I am sticking my with username/passwords and 2fa for all other sites. Everything stored on Proton Pass.
trikotret is offline   Reply With Quote
Old 18 Aug 2024, 03:19 PM   #15
dryoldlime
Member
 
Join Date: Aug 2023
Posts: 84
Quote:
Originally Posted by JeremyNicoll View Post
Assuming you read about it on the FM blog, tell us which bits (presumably some of the introduction, maybe the "why are they better" part) you DID understand, and where you begin not to understand.


Also, do you understand anything of how public key cryptography works?

See: https://en.wikipedia.org/wiki/Public-key_cryptography
I just tried a web search and found https://www.fastmail.com/blog/introducing-passkeys/ .
I read some of it, and reached and read into the part, "What are passkeys and why are they better than passwords?" Then the first paragraph there I do not fully understand. Part of the stoppage of my understanding, is that I use my username and password to verify "It's Me". I never expect these to change unless I make the change and only rarely.

I do not know do not understand how public key cryptography works.
dryoldlime is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


All times are GMT +9. The time now is 01:21 PM.

 

Copyright EmailDiscussions.com 1998-2022. All Rights Reserved. Privacy Policy