There’s a slight improvement in that the passkey will only transmit to the correct website. Cannot select and fill it to the wrong domain.
But other than that I agree. Especially now that these synchronise with iCloud, BitWarden, etc seems a no brainer you can just steal these and access everyone’s accounts in many cases with no extra 2nd factor.
But other than that I agree. Especially now that these synchronise with iCloud, BitWarden, etc seems a no brainer you can just steal these and access everyone’s accounts in many cases with no extra 2nd factor.
This confuses me too.