Then what's the point of it all if a hacker can still get into my account using the traditional methods? This seems to be just opening up another avenue of attack.
If I understand it correctly it will avoid phishing, assuming people notice there's something up when they see a page asking for a traditional login for no good reason when they have passkeys. And it may be a transitionary step towards no passwords or something.
My Google account is set up such that account recovery requires me to actually travel to Mountain View and present several forms of ID, and that's just how I want it to be.
grotorea|2 years ago
px43|2 years ago
lxgr|2 years ago
skarra|2 years ago