A lot of the comments are from people who don’t trust Passkeys because they don’t understand the failure modes. They’re essentially identical to the failure modes of password managers.
With a password manager, your passwords are long and random. You can’t memorize them, so if you lose your password DB you have to do a PW reset everywhere. You protect against that by keeping the DB synced all over the place.
From a user POV Passkeys are the same. You can only use them if you have the DB they are stored in. You protect against loss by syncing that DB all over the place. If you lose all the copies somehow you have to do a reset/recovery everywhere.