@reflex because it is?

The point of a second authentication factor is that it be a separate physical device from your primary auth factor.

If I have a password manager secured by a yubikey (as was considered best practice by my employer) that stays permanently inserted into my computer, anyone with physical access to my computer can auth my password manager and 2FA whatever else they want without ever needing my credentials.

Physical keys only help when used in ways most people won't.

@rmondello The part that makes me nervous about passkeys is that they're tied to a device (which can die) or they're tied to the iCloud keychain, which then gives you a chicken and the egg scenario for auth to your Apple account.

But of course, losing a security key if you don't have multiple backups can be catastrophic. And a 'nub' style passkey that you don't carry on your person and leave in the laptop may as well be a passkey for a lost or stolen device.

@rmondello

Not disagreeing (and I know this isn't new to you, Ricky!), but I hesitate to frame that as "more dangerous" full stop without context. The complexity of public comms always looms large here, and the trade-off tension of the other dangers (risk of compromise of any location that has access to the credential manager surface, etc.) is real -- for which many people are still better off, but for which a non-trivial number of people might be at higher risk vs managing a redundant set of physical keys, much as they would car or house keys. But trying to communicate that in bulk / by default is often more likely to produce confusion and lack of engagement rather than taking real steps towards passkeys. Sigh.