They are still different to a password in that the service you are logging in to... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		SchemaLoad 3 months ago \| parent \| context \| favorite \| on: Tailscale state file encryption no longer enabled ... They are still different to a password in that the service you are logging in to never gets the private key. So in the case the database gets compromised, if the service provider ensures no edits were made / restores a backup, there is no need to change your passkey since it was never exposed.

yencabulator 3 months ago [–]

That was possible before passkeys.

https://www.rfc-editor.org/rfc/rfc9807.html

https://en.wikipedia.org/wiki/Password-authenticated_key_agr...

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact