
Introducing Passkey for PlayStation

I'm getting an error that a passkey can't be created for this device, and I'm on an iPhone 15 Pro Max with Face ID . . .

Edit: It was my Brave browser shields blocking it.
 

T-Cake

Member
If it's like other solutions, you will probably have an option to use passkey or a password.

Yeah, I've just read the FAQ.

What happens if I lose my phone? Can I still sign in on another device?
If you have another device in the device ecosystem (such as iPad or Mac), you can sign in with that device, as the passkey is shared. If you can’t access a valid passkey, please visit the guide below.

(Which basically means contacting PlayStation Support)
 
What happens if you lose access to your passkey device though? Do you still get backup codes to put in?
You can choose what app handles your passkey. So you can use like iCloud, or LastPass, etc. So they have their own backups or ways to get to them from other devices.
 
I might just be stupid but, I want it to work with the Face ID on my iPhone, but when setting it up from my phone it wants me to scan a QR code . . . which I can't while on the phone.
Then using an iPad so I can take a pic of that QR code, it's trying to add a touch ID passkey, which I don't want to use my iPad for this. How am I supposed to get it to work for the iPhone face ID?
 

TheUsual

Gold Member
Tried setting up with my Yubico key. It set up correctly but every time trying to log in, it wouldn't recognize the device. Had to recover the account. Back to 2FA for now for me.

Edit for clarification
 

Punished Miku

Gold Member
I might just be stupid but, I want it to work with the Face ID on my iPhone, but when setting it up from my phone it wants me to scan a QR code . . . which I can't while on the phone.
Then using an iPad so I can take a pic of that QR code, it's trying to add a touch ID passkey, which I don't want to use my iPad for this. How am I supposed to get it to work for the iPhone face ID?
Get a giant QR code face mask.
 
I might just be stupid but, I want it to work with the Face ID on my iPhone, but when setting it up from my phone it wants me to scan a QR code . . . which I can't while on the phone.
Then using an iPad so I can take a pic of that QR code, it's trying to add a touch ID passkey, which I don't want to use my iPad for this. How am I supposed to get it to work for the iPhone face ID?
I set it up by logging into the website on my Mac, which allowed me to generate the passkey saved to iCloud. Now when I try to log in on my phone it uses Face ID.
 

Three

Member
I might just be stupid but, I want it to work with the Face ID on my iPhone, but when setting it up from my phone it wants me to scan a QR code . . . which I can't while on the phone.
Then using an iPad so I can take a pic of that QR code, it's trying to add a touch ID passkey, which I don't want to use my iPad for this. How am I supposed to get it to work for the iPhone face ID?
Open it on your iPad and scan it on your phone. Alternatively you could probably make the QR code appear on your PS4/5 which is likely where it was designed to be scanned. In their infinite wisdom they probably didn't think people would try to set it up on the same device.

Or maybe you clicked on create on another device by mistake in step 3

3. Select Create a Passkey and then Create on This Device or Create on Another Device.
 

King Dazzar

Member
I had a bit of fun getting this to work when using a Chrome browser on a Windows PC. But got there in the end. It makes logging into the website far easier than using authenticator codes etc. Only tip I'd mention is going into security settings on your PSN account to add or remove passkeys if needed. It'll also list existing passkeys and for what devices you have them set up for.
 

Mephisto40

Member
I really don't like the idea of having to contact Sony support if I don't have access to my device any more, that just sounds so stupid

I have the same problem with my Activision account, I got a new phone and lost my authenticator app and also lost access to the one time passwords they give you, now I literally have no way of logging in to my Activision account and trying to contact their support is nearly impossible, their website just sends you around in circles and never gives you the option of contacting anybody

The only reason I can still log into my COD account is because it's registered against my PSN
 

Sushi_Combo

Member
I really don't like the idea of having to contact Sony support if I don't have access to my device any more, that just sounds so stupid

I have the same problem with my Activision account, I got a new phone and lost my authenticator app and also lost access to the one time passwords they give you, now I literally have no way of logging in to my Activision account and trying to contact their support is nearly impossible

The only reason I can still log into my COD account is because it's registered against my PSN
With passkeys you use either a physical token like a YubiKey or you can use a PW manager that supports passkeys. In the event you change devices, you shouldn't need to set everything up again.
2FA is becoming more antiquated imo.
 

King Dazzar

Member
I really don't like the idea of having to contact Sony support if I don't have access to my device any more, that just sounds so stupid

I have the same problem with my Activision account, I got a new phone and lost my authenticator app and also lost access to the one time passwords they give you, now I literally have no way of logging in to my Activision account and trying to contact their support is nearly impossible
I'm no expert. But so far having set this up a few days ago. If you remove the passkey via your PSN security settings, then that device can no longer log in with a passkey, unless you set up a new one.
 

Venuspower

Member
Useless in my opinion. I activated this stuff at the weekend as a test. Initially, I kept getting error messages when I tried to activate the stuff. Eventually it worked. Then I was able to log in three times. From then on, I could no longer activate the fingerprint sensor and was successfully locked out of my account.

But that is when it gets ridiculous:
- 2FA is deactivated by activating PassKey
- If you have locked yourself out, you can easily reset PassKey by clicking on the link in the email.

A cracker therefore only needs to gain access to the e-mail account and can easily deactivate the PassKey and then reset their PW as normal. And because no 2FA is activated, they can then log in without any problems.

Long story short: I quickly switched back to the classic password and 2FA.
 

M1chl

Currently Gif and Meme Champion
How does this work? Like 2FA except without the token?
It's basically SSH auth, you sign the transaction with your SSH key which you created on device. If the signature is valid, you get signed in.

It is just for entering your credentials, it has nothing to do with 2FA, just that they are not stored in your brain, but rather on your trusted device
 

King Dazzar

Member
Useless in my opinion. I activated this stuff at the weekend as a test. Initially, I kept getting error messages when I tried to activate the stuff. Eventually it worked. Then I was able to log in three times. From then on, I could no longer activate the fingerprint sensor and was successfully locked out of my account.

But that is when it gets ridiculous:
- 2FA is deactivated by activating PassKey
- If you have locked yourself out, you can easily reset PassKey by clicking on the link in the email.

A cracker therefore only needs to gain access to the e-mail account and can easily deactivate the PassKey and then reset their PW as normal. And because no 2FA is activated, they can then log in without any problems.

Long story short: I quickly switched back to the classic password and 2FA.
Interesting. For me, using the email though had me have to input a code displayed on my device with the login issue. Therefore it seemed secure. Good to know if that is not the case, but I'm not sure it is...
 

Shin-Ra

Junior Member
Just switched over. So much better than waiting for the MFA text.
PSN’s had TOTP (time-based one-time password) support for some years now, there’s 0 delay unlike SMS. Some password managers, like Apple’s, autofill TOTP and SMS codes just like passwords.

What happens if you lose access to your passkey device though? Do you still get backup codes to put in?
Passkeys are intended to be synchronised between multiple devices running the same password manager for redundancy.

Once you enable a passkey on PSN, passwords and 2-SV (MFA) are automatically disabled. If you lose all your passkey devices, you can recover your account by email.

What a revolutionary feature. They just introduced it very late lol.
Nintendo and Amazon enabled passkeys for accounts around September last year, Google were the first major supporter (with accounts) earlier in May.

Passkey support is still quite rare despite major OS support starting with iOS 16, September 12, 2022.
 

Shin-Ra

Junior Member
Does this help or hinder with current Sim Swap going on in the States?
Passkeys themselves don’t use SMS codes but the password manager used for passkeys may still use SMS for recovery, ideally with other protections up front.

I might just be stupid but, I want it to work with the Face ID on my iPhone, but when setting it up from my phone it wants me to scan a QR code . . . which I can't while on the phone.
Then using an iPad so I can take a pic of that QR code, it's trying to add a touch ID passkey, which I don't want to use my iPad for this. How am I supposed to get it to work for the iPhone face ID?
QR code scanning should only occur when creating or signing in with a passkey on a secondary device; as Three suggests, you may have made a mistake.
Or maybe you clicked on create on another device by mistake in step 3

3. Select Create a Passkey and then Create on This Device or Create on Another Device.

Tried setting up with my Yubico key. It set up correctly but every time trying to log in, it wouldn't recognize the device. Had to recover the account. Back to 2FA for now for me.

Edit for clarification
According to the FAQ
  • Some hardware security keys may encounter issues; consider using synced passkeys on mobile devices.

I really don't like the idea of having to contact Sony support if I don't have access to my device any more, that just sounds so stupid

I have the same problem with my Activision account, I got a new phone and lost my authenticator app and also lost access to the one time passwords they give you, now I literally have no way of logging in to my Activision account and trying to contact their support is nearly impossible, their website just sends you around in circles and never gives you the option of contacting anybody

The only reason I can still log into my COD account is because it's registered against my PSN
You only need to contact PSN support if email recovery isn’t an option.

In addition to your email, you’ll need one of: your date of birth, phone for SMS (if you added one) or security question answer (if you added one)
 

Venuspower

Member
Interesting. For me, using the email though had me have to input a code displayed on my device with the login issue. Therefore it seemed secure. Good to know if that is not the case, but I'm not sure it is...

You can choose how you want to verify yourself if you have requested a password reset/disable Passkey. By phone, security question or with your date of birth. At the latest, the date of birth is relatively easy to obtain using brute force or other sketchy methods. It is therefore not obligatory to verify yourself by telephone.

From my point of view, it would have been better if:
- Passkey requires active 2FA. You must therefore have verified your telephone number.
- However, 2FA is only requested when "manually logging in" with a password. No 2FA is then required when Passkey is used
- The PW & 2FA + Passkey method could be used in parallel. The user therefore has the option of freely choosing how they want to log in. This means that it is possible to deactivate Passkey "if necessary" without resetting anything if something is fcked up with Passkey. The fact that 2FA is activated means that resetting the password can be linked to 2FA at the same time. So you have to enter the 2FA code next besides getting the link in the email. Other options (such as date of birth or security question) are then no longer allowed. After all, these options are rarely stupid enough to secure an account. It gets bad when people even enter their real date of birth or a correct answer to the security question.

I still remember the good old days in the Internet forums, where people were constantly opening topics and wanting to know people's pet, favorite food or favorite movie. Stupid people think nothing of it. Smart people know that the people who created those threads wanted to get the answers to security questions.
 

Shin-Ra

Junior Member
Useless in my opinion. I activated this stuff at the weekend as a test. Initially, I kept getting error messages when I tried to activate the stuff. Eventually it worked. Then I was able to log in three times. From then on, I could no longer activate the fingerprint sensor and was successfully locked out of my account.

But that is when it gets ridiculous:
- 2FA is deactivated by activating PassKey
- If you have locked yourself out, you can easily reset PassKey by clicking on the link in the email.

A cracker therefore only needs to gain access to the e-mail account and can easily deactivate the PassKey and then reset their PW as normal. And because no 2FA is activated, they can then log in without any problems.

Long story short: I quickly switched back to the classic password and 2FA.
Being unable to activate the fingerprint sensor sounds like an issue with that device or your technique for registering the fingerprint.

In my experience, email recovery bypasses MFA on most online accounts, PSN is unusually restrictive in still requiring 2-SV after successful email recovery but people should be aware that access to their email account and password manager needs to be secure to keep all their other accounts secure.

It's basically SSH auth, you sign the transaction with your SSH key which you created on device. If the signature is valid, you get signed in.

It is just for entering your credentials, it has nothing to do with 2FA, just that they are not stored in your brain, but rather on your trusted device
Passkeys incorporate MFA/2FA/2SV in effect by using biometric authentication.

1. Something you have (device storing passkey)
2. Something you are (face, fingerprint, iris … biometric)

If your biometric authentication fails (or periodically needs reactivation like iOS) a passcode can be used. This passcode should really be stronger than the standard 4 or 6 digit code usually enabled by default. Local attacks, stealing someone’s device and knowing their device unlock passcode e.g. by looking over the shoulder in a public place are much rarer than online attacks but protections against this have come more recently. https://support.apple.com/en-gb/HT212510
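
As an added illustration of the signing flow M1chl describes and the two factors Shin-Ra lists (this is not code from the thread or from PlayStation), here is a simplified WebAuthn-style login in Node.js. `example.com`, `login.example.net` and all function names are assumptions, and the rpId is taken to equal the origin's hostname.

```javascript
// Added illustration: simplified WebAuthn-style login, not Sony's implementation.
const crypto = require('node:crypto');
const RP_ID = 'example.com';          // assumed relying-party ID (placeholder)
const ORIGIN = 'https://example.com'; // assumed site origin (placeholder)
const sha256 = (d) => crypto.createHash('sha256').update(d).digest();
const signedBytes = (a) => Buffer.concat([a.authData, sha256(a.clientDataJSON)]);
// Authenticator (phone, security key): the private key never leaves it.
function createAuthenticator() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  function sign(challenge, origin, userVerified) {
    const clientDataJSON = Buffer.from(JSON.stringify({
      type: 'webauthn.get', challenge: challenge.toString('base64url'), origin }));
    // authData layout: rpIdHash (32 bytes) | flags (1) | signCount (4)
    const flags = 0x01 | (userVerified ? 0x04 : 0x00); // user present, user verified
    const rpIdHash = sha256(new URL(origin).hostname); // simplification: rpId = hostname
    const a = { clientDataJSON, authData: Buffer.concat([rpIdHash, Buffer.from([flags]), Buffer.alloc(4)]) };
    return { ...a, signature: crypto.sign('sha256', signedBytes(a), privateKey) };
  }
  return { publicKey, sign };
}

// Server: stores only the public key and checks each single-use challenge.
function createServer(publicKey) {
  const pending = new Set();
  return {
    newChallenge() { const c = crypto.randomBytes(32); pending.add(c.toString('base64url')); return c; },
    verify(a) {
      const cd = JSON.parse(a.clientDataJSON.toString());
      if (cd.type !== 'webauthn.get') return 'bad type';
      if (!pending.delete(cd.challenge)) return 'unknown or replayed challenge';
      if (cd.origin !== ORIGIN) return 'wrong origin';
      if (!a.authData.subarray(0, 32).equals(sha256(RP_ID))) return 'wrong rpId';
      if (!(a.authData[32] & 0x04)) return 'user not verified';
      return crypto.verify('sha256', signedBytes(a), publicKey, a.signature) ? 'ok' : 'bad signature';
    },
  };
}

function demo() {
  const device = createAuthenticator();
  const server = createServer(device.publicKey);
  const good = device.sign(server.newChallenge(), ORIGIN, true);
  return {
    login: server.verify(good),   // fresh challenge, right origin, biometric passed
    replay: server.verify(good),  // same assertion sent a second time
    lookalike: server.verify(device.sign(server.newChallenge(), 'https://login.example.net', true)),
    noBiometric: server.verify(device.sign(server.newChallenge(), ORIGIN, false)),
  };
}
```

Calling `demo()` returns the server's verdict for a normal login, a replayed assertion, an assertion made on a lookalike origin, and one made without user verification; only the first is accepted.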
 

Venuspower

Member
Being unable to activate the fingerprint sensor sounds like an issue with that device or your technique for registering the fingerprint.

That's what I thought at first. But apart from that, it worked without any problems. So it was more likely a software bug in the app.
 

Saiyan-Rox

Member
Nice, about time Sony let us do this

I use my Titan security key for all my accounts that let me.

Although still weird to me when you don't have it some still let you use pin to mobile regardless of security key
 

Panajev2001a

GAF's Pleasant Genius
Passkeys are more secure, but boy oh boy you need to be patient or you will panic. There are a lot of kinks to sort out with it as tech.

First of all the WebAuthn auth flow happens without you seeing anything on the browser that tells you something is actually in progress. On Safari you have no loading indicator (it is not redirecting you anywhere or loading the page, it is doing a whole bunch of async calls without any user feedback), no spinner, nothing.
 

Duchess

Member
Some more info on PassKeys, for those who want to know what it's all about



Basically, it's meant to truly identify "you". Proof will be in the pudding. I imagine in 10 years they'll be telling us that PassKeys aren't all that good.
 