Thoughts on passkeys and passwords

I've given up on Passkeys. Security is only as good as the weakest link. Since nobody allows me to create a passkey and then disable my password, the Passkey doesn't really provide the phishing-proof protection it promises, as currently implemented.

This is as bad as websites that let you set up a Yubikey as a 2FA method, but won't let you disable SMS.

I've deleted all my Passkeys and set up 2FA on any site that allows it. I'll revisit passkeys on any site that allows me to disable my password and only use a Passkey.

best practices

browser extension

Forum Discussion

Thoughts on passkeys and passwords

Recent Discussions

Personal Favorites on a Family Plan

MS Edge v. 1Password

Native Password AutoFill Extension macOS

1Password for Safari barely functional in OS15.6.1 and Safari 18.6 Intel

clicking in the field on 1PW icon to unlock and it disappears