Passkey logins now supported

The tech world, or at least large chunks of it, is moving to Passkeys in place of passwords for logging into systems. Passkey support is being added in Android, Apple iOS, Amazon and various password managers, e.g. Dashlane.

Put simply, a passkey is a public/private key pair where you hold the private key and the system you’re logging into holds the public key. It’s a bit like HTTPS/SSL if you understand how that works. When you want to log in, there’s a challenge response process used, which confirms that the remote system has your public key and the remote system confirms you have the private key (without your private key being exposed). If the tests pass then you’re logged in.

If you have a system capable of working with Passkeys the forum now supports these for logins. To use them you need to create a passkey. Do this to create one.

  1. Go to https://discourse2.weather-watch.com/my/preferences/security
  2. Click on the ‘+ Add Passkey’ button
  3. You’ll now be prompted for your current Weather-Watch Discourse password.
  4. The next step will vary depending on what platform you’re using, e.g. Android, Apple, etc. You will probably be prompted to create a new passkey which will be stored in your local password manager (whatever that is on your platform)
  5. After you’ve created the passkey on your local system, you’ll be returned to Discourse and prompted for a name for the passkey. Use whatever you prefer here.

After creating the passkey, when you next need to log in you will see an extra option on the login page: ‘Login with a passkey’.

You don’t need to enter your email/username or password. Just click the passkey button. Your local password manager should prompt you to select a passkey to use to log in. Pick the passkey you used for Discourse and once you confirm you want to use it you should be logged in automatically as the correct user.

I’ve used this myself and it works, but this is a trial set of one user! Hopefully it will work for you if you try to use it. Even if you don’t use it now, I think there’s a big push on by Google, Apple, MS, etc to enable passkeys more widely and to enforce their use. They are more secure than passwords so it would be worth getting to know how to use them now before you find one day that a system you use has enforced their use and you don’t know how to use them.

Please note: Using Passkeys for logging into the forum doesn’t remove your password. You can still use your username/email and password to log in if you want to. Not everything is passkey enabled yet so this will need to remain for some time.
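
The challenge-response login described in the post above, as an added example that is not part of the original thread and is not Discourse's code: a simplified Node.js model of the check a WebAuthn server performs. The site name `forum.example` and all function names are assumptions made for illustration, and real passkeys also involve key encodings and signature counters that are left out here.

```javascript
// Added illustration (not Discourse code); names and values are constructed.
const crypto = require('node:crypto');

const RP_ID = 'forum.example';            // constructed relying-party ID
const ORIGIN = `https://${RP_ID}`;
const sha256 = (data) => crypto.createHash('sha256').update(data).digest();

// Registration: the device generates the pair; only the public key leaves it.
function registerPasskey() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return { device: { privateKey }, server: { publicKey } };
}

// Server: a fresh random challenge per login attempt prevents replay.
const newChallenge = () => crypto.randomBytes(32).toString('base64url');

// Device: sign authenticatorData || SHA-256(clientDataJSON), as WebAuthn does.
function deviceSign(device, challenge, origin) {
  const clientDataJSON = Buffer.from(JSON.stringify({ type: 'webauthn.get', challenge, origin }));
  const flags = Buffer.from([0x05]);      // user present + user verified
  const authData = Buffer.concat([sha256(new URL(origin).hostname), flags, Buffer.alloc(4)]);
  const signed = Buffer.concat([authData, sha256(clientDataJSON)]);
  return { clientDataJSON, authData, signature: crypto.sign('sha256', signed, device.privateKey) };
}

// Server: check type, challenge, origin and RP ID hash, then the signature.
function serverVerify(server, expectedChallenge, assertion) {
  const { clientDataJSON, authData, signature } = assertion;
  const clientData = JSON.parse(clientDataJSON.toString('utf8'));
  if (clientData.type !== 'webauthn.get') return 'wrong type';
  if (clientData.challenge !== expectedChallenge) return 'challenge mismatch';
  if (clientData.origin !== ORIGIN) return 'origin mismatch';
  if (!authData.subarray(0, 32).equals(sha256(RP_ID))) return 'rpId mismatch';
  const signed = Buffer.concat([authData, sha256(clientDataJSON)]);
  return crypto.verify('sha256', signed, server.publicKey, signature) ? 'ok' : 'bad signature';
}

// Demo: a genuine login, a replayed response, and a response made for another origin.
function demo() {
  const { device, server } = registerPasskey();
  const challenge = newChallenge();
  return [
    serverVerify(server, challenge, deviceSign(device, challenge, ORIGIN)),
    serverVerify(server, newChallenge(), deviceSign(device, challenge, ORIGIN)),
    serverVerify(server, challenge, deviceSign(device, challenge, 'https://forum.example.evil.test')),
  ];
}
console.log(demo());
```

The private key is only ever used inside `deviceSign`; the server stores and uses the public key alone, so a leak of the server's database does not hand out anything that can log in.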

Seems to work OK, used Edge on Windows 11, and it automatically stored the passkey and I set fingerprint authentication to use it. :+1:


Thanks for the confirmation - it’s now 2 out of 2 :slight_smile:

It will be interesting to see how passkeys work in practice. I’ve used Dashlane as a password manager for many years and that now supports passkeys. Dashlane also works on all the devices I use and as it syncs password information between devices if I create a passkey on my laptop then pretty quickly it will be available for use on my phone.

If you create a passkey in MS Edge then I assume it doesn’t share it with Firefox, Chrome or other passkey capable software? So as long as you only ever use that passkey in Edge you’ll be OK (I assume Edge syncs it between platforms?). I guess this might push the role of password/passkey managers more, but then it will be interesting to see whether a Google manager will work on Apple, and vice versa.

It’s early days though, but at least the capability exists in Discourse to allow it to be used.

In my case it is saved in Windows Hello, so not shared. It does offer the option of where you want to store the passkey, your phone being one option, or a secure device - FIDO2 compliant.