I refuse to learn what a PassKey is
Discussion
I refuse to set up my wallet so no zaps for me. Love it
It is an asymmetrical key that can be associated with a web2.0 account to log in without passwords by signing a challenge.
The often not discussed aspect of it, is that it is meant to be device bound, so services may only accept keys that are themselves signed by a trusted party, to prove that it was generated in a secure environment where the key can't be extracted by scripts or extensions or what not.
It is not bad honestly, just doesn't work for sovereign identity as nicely.
Thanks I guess I understand now!
Some services are super aggressive about trying to switch you to PassKey on a new login instance 😩
same, the level of effort and lack of approachable documentation is extremely sus
ngmi
TL;DR - Someone reinvented client certificates for n00bs 😂