> Instead, passkeys let users sign in to apps and sites the same way they unlock their devices: with a fingerprint, a face scan or a screen lock PIN.
So, for the vast majority that does not have hardware that supports fingerprint reading or face-scanning, this grand new alternative to passwords is... passwords?
I get that it's nice for phones, but that's only about 50% of the web's traffic.
If you don't use biometrics then it's passwords or passcodes to authenticate to the local device or a secondary device to unlock it. After that it uses public key cryptography to do the actual authentication with the site you're trying to log into. At no point does the site need to have access to anything secret, unlike traditional passwords.
So, for the vast majority that does not have hardware that supports fingerprint reading or face-scanning, this grand new alternative to passwords is... passwords?
I get that it's nice for phones, but that's only about 50% of the web's traffic.