> The WebAuthn _also_ allows device-bound keys, but they are not "passkeys".
True. WebAuth is good fit for a login that's tied to a user - and that user only logs into it from their workstation and maybe a laptop. There are better options when more flexibility is needed.
Happily, there are enough secure options that my phones will always be authenticator-free.
True. WebAuth is good fit for a login that's tied to a user - and that user only logs into it from their workstation and maybe a laptop. There are better options when more flexibility is needed.
Happily, there are enough secure options that my phones will always be authenticator-free.