I'm trying to figure out how to handle passkeys for end-users as companies are beginning to implement passkey authentication options on their websites. I'm debating between hardware solutions, like Yubikeys, and software options, such as password managers that have passkeys integrated. A hardware passkey might save costs after the initial expense, but it relies on a physical device, which can be lost. On the other hand, using a password manager means I'd be putting all my passwords and passkeys in one place, which could be risky if it doesn't support passkeys. Plus, what about 2FA apps like Google Authenticator or Authy? Are they a viable option now or will they be in future considerations?
1 Answer
If you're thinking about business implementation, go for a solution that includes management features, like 1Password. Physical keys enhance security, but if someone loses a key, it can become a crisis. 1Password also offers a company account that allows for shared credentials and the option for users to take their family account with them when they leave, which promotes better credential hygiene across the board.
I heard 1Password just rolled out managed installation features. Before, managing configurations was a pain, and enterprise control was limited. But they haven't published the documentation yet!