[megous]

> ...unique passwords per account...

[stavros]

Still not secure enough, sadly. They can be captured, leaked, stolen, phished, etc, and that's if you use them correctly.

[megous]

Passkeys can't be stolen, got it. :)

[stavros]

Yep, hardware Passkeys can't.

[megous]

Physically impossible to just take someone's HW token. And firmware/HW has no bugs, so malware taking the keys is also impossible to write. There were never ever any FIDO token vulnerabilities and never will be.