Why Passkeys aren’t a panacea

1. Passkeys are password-less credentials built on Webauthn. The OS companies — Apple, Google and Microsoft — are responsible for their implementation

2. For most users, Passkeys are usually stored in the OS vendors secure cloud, eg iCloud, to sync across devices. 

3. This means that you need to have devices from the same ecosystem — a Mac and an iPhone — for sync to work

4. Naturally, there are plenty of people with a different mobile device vs. computer.

5. Further, OS vendors have been inconsistent with the various features of Passkeys they implement, eg Apple did largeBlob and Google did PRF.

6. Would expect this to take a few more years at a minimum before all the consumer UX kinks are rolled out.

Working on Farcaster and Warpcast. Longer thoughts at https://dwr.email

What about Ledger Security key? Most of the new ledger devices can be used as a passkey. 

Was thinking of switching to that for all my passkeys as it avoids most of the pitfalls mentioned.