• lemmyvore@feddit.nl
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    If they get your password they can impersonate you to the server. They can’t do that with just the public key part of your passkey.

    • lud@lemm.ee
      link
      fedilink
      arrow-up
      2
      arrow-down
      3
      ·
      1 year ago

      That’s true.

      Ideally my password should be hashed and salted anyways, so that shouldn’t make a huge difference.