Everyone else: don't do this

stoltzmann · 2025-07-03T08:37:07 1751531827

Why not? It actually sounds like the best way to use passkeys and still have control over them.

WarOnPrivacy · 2025-07-04T02:55:35 1751597735

I've been super happy with it. My logins are always with me but they never leave the house.

> It actually sounds like the best way to use passkeys and still have control over them.

I belatedly recall that I tried to setup a Google passkey in a VM and was rebuffed. Google depends on Windows Hello for passkey presentation prompts - and Hello is disabled in an RDP session (ostensibly because facial rec won't be needed).

I poked at the problem for a while and couldn't find a workaround.

WarOnPrivacy · 2025-07-04T02:49:24 1751597364

It's a safe, simple and secure config. I understand that's not for everyone.

Brian_K_White · 2025-07-05T21:50:12 1751752212

It's simple and convenient, it may or may not be secure, it is not safe, it's fragile. I understand avoiding unnecessary single points of failure is not for everyone.

WarOnPrivacy · 2025-07-06T22:09:38 1751839778

> it may or may not be secure

It is secure.

> it is not safe,

This is incorrect.

> it's fragile

This is incorrect. Many thousands of sessions over most of a decade all testify to to it's robustness and reliability.

> I understand avoiding unnecessary single points of failure is not for everyone.

That's an interesting segue.