You can remove the password on the forum in favor of passkeys

It looks like you can now remove the password on the forum and only use the passkeys.

3 Likes

Yep looks like Discourse added that, great to see. You still can’t sign up with a passkey though which is unfortunate, I’d like to see an option to sign up with only a passkey, no password or email. But progress anyway.

3 Likes

I would not want that actually I wholly disagree.
Now I am not anti passkeys by any means necessary but as someone who doesn’t have passkeys and at least not many people here do I don’t think this is a great idea.
Yes now we have software based passkeys with our password manager but Imagine how many people in PG don’t have a password manager yet nor do they know about it or a physical passkey.
I think you get the idea.
Keeping passkeys alongside passwords would still be it, Until we actually completely get rid of using passwords for passkeys on every single site.
What discourse should do to make an impact is adopt the device bound session credential standard despite early stages so that they can be ready for that security instead of allowing to force passkeys
Again I remind, not an anti-passkey person but think about the others in this specific case before your own

It’s optional.

2 Likes

Maybe I misunderstood my bad!

It should be mandatory to pick between passwords and passkeys, one or the other. The ability to have both at the same time undermines the purpose of passkeys.

Not if you lose all your hardware security keys and have no backup option. That’s why I always prefer software passkeys through password manager. I hope they develop this tech more so it becomes easier to move between services if one wants and not be locked into anything.

1 Like

Firstly, that’s not a passkey problem that’s a human problem. You can just as easily forget your password and not have a backup.

Secondly, while you’re welcome to disagree, objectively speaking using passkeys side by side with passwords does undermine their purpose. Not only does it go against how they were designed as a standalone and superior replacement to passwords, but you also lose most of the security benefits of using passkeys

Sure. I never said you’re wrong. But my point also remains valid because one is more likely to lose their security keys than forget the one and only important password they better remember to be able to get into their password manager.

By your logic, which is still valid - anything and everything is always a human problem. We know this already.

1 Like