Passkeys are cool because they're locked to a domain, which prevents phishing.
Passkeys are cool because you can secure them with a phone's secure element or on a device like a yubikey.
I would not, however, recommend storing passkeys in a software-only password manager.
Is that really what we need? To lock people's access to things in their phones that can be lost or break anytime? Or they (and services) have to go through infinite undocumented hops for things to work in other ways?
Besides that it's proprietary technology with a 300-page or more spec that is impossible for normal people to implement but they try to sell it as an open protocol or something.
What’s an alternative?
