| >The inability to move them is a feature, not a bug. If you can't move them you can't accidentally give them to the wrong person. Have you considered the case of "the wrong person" taking the device from you non-accidentally? I'm glad that you live in a world where you've never had anything stolen (..or confiscated by officials). What a wonderful feature: give anyone who can snatch/break my phone an easy way to lock me out of all my accounts. Especially useful when traveling. Not to mention the absolutely-never-happening scenarios like, um, dropping the phone. Should've backed up you keys! (Apple will gladly restore them for you from the cloud once you purchase a new iPhone) Oh wait, never mind: "The inability to move them is a feature, not a bug." >All passkey providers must provide secondary methods for validating the identity of their users Like what, getting an OTP on a known device / phone number / email that you no longer have access to? Who's enforcing that must? And finally, and please think about it for a moment: If another means to verify identity MUST be provided, passkeys are not REPLACING anything - so why do we need them? |