Warning: Some posts on this platform may contain adult material intended for mature audiences only. Viewer discretion is advised. By clicking ‘Continue’, you confirm that you are 18 years or older and consent to viewing explicit content.
I don’t know much about client certificates, because nobody ever used them. All I know is that they are decades older than passkeys, and “certificate” implies there is a public-private keypair, just like in a passkey.
If I were talking about Passkeys and comparing them to client certificates, even though I don’t know much about client certificates in practice, I would say:
Passkeys can be installed in your password manager, which handles securely syncing it to all of your devices
Websites can make it very easy to create or log in with a passkey
Far more websites support passkeys
Websites can support multiple passkeys per user
The user experience is far better with passkeys
Even if your password manager isn’t installed on a given machine, you can still log in with a passkey via your phone, so long as both devices have bluetooth enabled. This allows you to log in on an untrusted device, like a library computer, without exposing your password (though unfortunately that would still result in that computer having access to the session and being able to modify account settings - best practice would be to log out when you’re done and then, from a trusted device, confirm that you were logged out / log out of all devices.)
What are the benefits of a client certificate? As an end user, I’m pretty sure I’ve never used one.
I don’t know much about client certificates, because nobody ever used them. All I know is that they are decades older than passkeys, and “certificate” implies there is a public-private keypair, just like in a passkey.
If I were talking about Passkeys and comparing them to client certificates, even though I don’t know much about client certificates in practice, I would say: