If you can drop a single device in a lake and lose your credential, it’s not a passkey. Passkeys are backed up and synced across your devices to deliver a great and safe user experience, while also eliminating phishing.

If it’s device-bound, it’s not a passkey. :)

@rmondello What if you lose all your devices? (This is a real question, not rhetorical. I don't fully understand how passkeys work.)
@conlan @rmondello Because they sync through a cloud account, you should have backups for that account: a way to gain access from a new device after you've lost all the others (you could use a security key, MFA recovery codes, a recovery email, designate a couple of close friends as recovery accounts, etc.; it depends on what the cloud service provides).
@tbroyer @rmondello Does that not weaken the security? Feel free to point me to a good explainer video or something… I think the complexity of passkeys may put off normal people from switching to them. (I'm speaking as someone who has started transitioning to them because they seem better than passwords, even if I don't completely understand the mechanisms.)
@conlan @rmondello This is similar to using a password manager, except you store passkeys in it rather than passwords, and this improves security everywhere you'll use passkeys rather than passwords. But you need to keep access to your password manager even in the event you lose all your devices (where you could have registered your fingerprints to unlock it, for instance).
@tbroyer @rmondello Yeah, I can see how that’s an improvement. Thanks.