• cashew@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    2 months ago

    Passkeys aren’t a full replacement in my opinion, which is what DHH gets wrong. It’s a secure, user-friendly alternative to password+MFA. If the device doesn’t have a passkey set up you revert to password+MFA.

    • Spotlight7573@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      2 months ago

      And the fewer times that people are entering their password or email/SMS-based 2FA codes because they’re using passkeys, the less of an opportunity there is to be phished, even if the older authentication methods are still usable on the account.