Passkeys are built on the FIDO2 standard (CTAP2 + WebAuthn standards). They remove the shared secret, stop phishing at the source, and make credential-stuffing useless.
But adoption is still low, and interoperability between Apple, Google, and Microsoft isn’t seamless.
I broke down how passkeys work, their strengths, and what’s still missing
Yeah now try explaining all of that to tech illiterate family who don’t care beyond “I’ll just use Google Passkey” even if its the worst option.
I set my mother up on my Vaultwarden instance and she uses it just fine w/o needing to configure anything other than me setting it as the Default Passkey Provider.
Didn’t have to explain her anything other than telling her to scan her fingerprint when the prompt comes. 🤷🏻♂️