Using a password on a WebAuthN protected account is the equivalent of putting a bathroom privacy lock on your steel front door. It's psychological coddling, nothing more.
No it is not, comparing passwords or passphrases really (what people should be using) to a bathroom privacy lock is silly. For threat actors, difficulty is not relative like that.
It's more like you have an actual normal door with alarms at a bank. Then a door to the vault area with similar alarms. Then the actual vault.
In your ideal world, everyone should be able to just walk up to the vault because it is so amazing on it's own.
It's more like you have an actual normal door with alarms at a bank. Then a door to the vault area with similar alarms. Then the actual vault.
In your ideal world, everyone should be able to just walk up to the vault because it is so amazing on it's own.