I'm often the go-to tech support for my relatives and friends when they have computer issues. I try to ease their burdens by helping with data backups, creating disk images to recover from crashes, and streamlining their setups. However, with the increasing push from companies like Microsoft and Google for passwordless authentication via passkeys, I've run into a new problem. Many of these users are unaware that if they switch to a new PC or need to restore their system, they could lose access to their accounts because passkeys can't be easily backed up or transferred. I'm concerned that they often don't have alternate recovery methods sorted out, like valid email addresses or phone numbers. What's the best way to support these less tech-savvy users in managing passkeys and ensuring they're covered if they ever have to change devices or reinstall Windows?
5 Answers
I'm curious—how many of your relatives do you actually help restore Windows for on a regular basis? I haven't had to reinstall Windows for years! Also, many people forget to set up recovery options when they make the switch to passkeys, which makes things tricky later on. I think the key here isn't just to focus on passkeys but rather to get them to understand the importance of proper recovery setups.
I share your frustration! Initially, I thought ‘passkeys’ were just another term for passwords. Why can't we stick to a solid password plus a two-step verification instead? It seems like a more secure option than relying solely on passkeys.
The best approach is to ensure that users have backup login options in place. With Microsoft, you can use the authenticator app alongside passkeys, which provides an additional layer of security.
If possible, I recommend implementing hardware-based tokens like YubiKeys. Getting them to set up multiple YubiKeys can result in a backup if one gets lost. Also, training them on how to securely store their recovery codes can save a lot of headaches down the line.
Most password managers these days can actually import passkeys, although that does sort of defeat the purpose of having them. Just keep in mind that not all passkeys are exportable, especially those stored directly within Windows. It’s worth checking the settings for each individual app to see if there’s a way to manage them better.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures