Right. I just wanted to make that clear. That’s why I say there’s no fundamental difference between the two technologies and compare webauthn to passwords of yore.
In terms of policy, I am not sure all the players share the sentiment. Google stated they understand the importance of passkeys being cross platform. So at least, if their statement is to be trusted, they’re on the side of consumers.
I come down really hard on passkeys sometimes, but I'm not opposed to the idea of using keys for authentication. I think that's an amazing idea.
I'm mostly down on the passkey ecosystem and who's in charge of it. I guess I don't do a good job of clarifying that always.
There is a theoretical alternate world where the FIDO Alliance approached this differently where I would be 100% on board with passkeys and would be encouraging everyone to switch to them. I'm just really worried about the implementations I think we're going to actually end up with.
I like the passkey idea in the general sense, too. But what I don't like is the involvement of a third party, and the loss of control over my own critical data.
In terms of policy, I am not sure all the players share the sentiment. Google stated they understand the importance of passkeys being cross platform. So at least, if their statement is to be trusted, they’re on the side of consumers.