I understand crypto/web3 are hated because of all the scams and NFTs out there. However, I worked on a web3 login implementation and I think it’s the best login/account experience out there. Basically, your private key is your password. You can use your phone, a browser extension or a hardware wallet (kind of the equivalent of a YubiKey).
It’s a pretty straightforward experience and it keeps full ownership of the credentials with the user.
It seems passkeys mostly operate in the cloud, like replication across all iCloud-connected devices? This seems like a major point of vulnerability for the average user.
Private key infra in crypto/web3 tends to promote best practice as offline, paper wallet, air-gapped devices, etc.
I’m not familiar with passkeys. Can you back it up as a bunch of words? Does it require a third-party thing, or is the implementation fully independent?