It seems that the primary goal for passkeys is to eliminate password fishing.
You still need a password for the site. Even with passkeys, you can still login with a password, either from a different machine, or, if nothing else, to recreate your passkey.
But passkeys offer a bit more security to enforce that you're actually sharing the credential with the proper site, correct?
Am I missing something?
I mean, there's the whole syncing passkeys across stuff, but that's all optional. There's no requirement for that. You should be able to configure multiple passkeys to the same site across your various machines (for whatever reason), right?
And I assume the sites won't "auto login"? Even with a passkey you would need to (potentially) hit a login button or something.
It seems that the primary goal for passkeys is to eliminate password fishing.
You still need a password for the site. Even with passkeys, you can still login with a password, either from a different machine, or, if nothing else, to recreate your passkey.
But passkeys offer a bit more security to enforce that you're actually sharing the credential with the proper site, correct?
Am I missing something?
I mean, there's the whole syncing passkeys across stuff, but that's all optional. There's no requirement for that. You should be able to configure multiple passkeys to the same site across your various machines (for whatever reason), right?
And I assume the sites won't "auto login"? Even with a passkey you would need to (potentially) hit a login button or something.
I just want to make sure I understand it clearly.