[api]

A more portable standardized version of the Apple distributed Secure Enclave sort of thing as 2FA with passwords as the first factor would be great. You could also add something like a Yubikey as an emergency unlock token.

It’d be based on keys you control so there’s no way someone could hack some master database or key authority and own the entire universe. That’s a distinct possibility today.

Plausible scenario: high sophisticated nation state sponsored break at Google with cooperation from inside, used to launch a sudden mass malware infection attack against hundreds of millions of systems.