by hedora 740 days ago
Computer security is usually defined as achieving three things: Confidentiality, Integrity and Availability.

If device loss (or a Google/Apple account ban) leads to permanent loss of access to your (other) accounts, then passkeys aren't providing availability, so they're not secure.

Put another way: If you ignore availability, then passwords are even more secure than passkeys when used "correctly":

When creating a new account, choose a random 80-digit string for your password and don't record it anywhere. Also, don't set up an account recovery email address / phone number / etc.

1 comment

Of course, you're always at the mercy of customer service. Not having a backup email or phone number can make your account easier to attack since the customer service agent has fewer options before they resort to just giving your account away to the attacker.