Passkeys are a great option for people that don’t wanna deal with managing their passwords and have some else do it for them. That’s not everyone though, some prefer staying in control, so it should always stay optional.
I’ve been using a password manager for ages, and passkeys for a long time now.
What about passkeys is a loss of control? I’m 100000000% more likely to use them when supported, usernames/passwords are so janky, as are SMS/email-based 2FA (and the stupid “magic passcode” that makes you check your phone/email every time you sign in); for average users it greatly reduces the risk of phishing, etc.
If I want to delete one I can do just that.
Websites that require username/password + passkeys are annoying as hell though.
Passkeys are a great option for people that don’t wanna deal with managing their passwords and have some else do it for them. That’s not everyone though, some prefer staying in control, so it should always stay optional.
I’ve been using a password manager for ages, and passkeys for a long time now.
What about passkeys is a loss of control? I’m 100000000% more likely to use them when supported, usernames/passwords are so janky, as are SMS/email-based 2FA (and the stupid “magic passcode” that makes you check your phone/email every time you sign in); for average users it greatly reduces the risk of phishing, etc.
If I want to delete one I can do just that.
Websites that require username/password + passkeys are annoying as hell though.
Passkeys do one thing right. They are based on assymetric keys as a proof of knowledge instead of transmitting the password.