
Find your phone: https://www.icloud.com/find/

-> I have that turned off

Scanning a QR code:

-> My back-camera lens is shattered. Using the front is dodgy at best. I don't feel like I need to fork out for an upgrade as I use a digital camera if I want to take pictures.

What about those who don't use smart phones?






Register a passkey on a different device or get a hardware key or whatever. Or call Microsoft support and complain to them. This doesn’t feel like an honest discussion anymore.

It absolutely is a valid question. At the end of the day, the problem with passkeys is that they are explicitly negatives for common people.

Have a broken phone camera? Cannot scan QR codes.

Lost the phone? Cannot log into vital modern day accounts like email.

Your house burned down, and the passkey device with it? Say goodbye to literally everything.

Homeless (temporary or otherwise) persons, random local government sweep just trashes everything you own. Bye bye to the passkey again.


You're going to need some technology if you expect to interact with technology.

Right, but unlike a passkey, my password doesn't discriminate based on the device I use.

If my phone explodes like a Samsung surprise, and my laptop turns into a spicy pillow;

I can, in the worst-case scenario, still log in via the local library PC.

I could borrow a device from a friend, or buy a second hand Thinkpad and use that.

That is, to my knowledge, not possible with a passkey device.


There are syncable and hardware-bound passkeys and you are free to use a password manager that syncs your passkeys. iPhones don’t even let you create a passkey with the built-in password manager if you have synchronisation disabled. I don’t know for sure if Google does the same but I expect them to.

If you’re remembering all your passwords there’s a good chance they’re terrible, you frequently re-use them or both. That really helps attackers e.g. when they use leaked passwords to run credential stuffing attacks on your employer.

You just wrote two comments bashing a technology you admit you didn’t properly educate yourself about.


Except, you can't sync the iPhone's passkey with non-Apple products. And it's still tied to your Apple ID, which uses a password. This, in theory, defeats part of the point. (It's definitely better than the alternative though)

For Android, the passkey is clone-able iirc, but again, it's an expensive smart device.

So now I am expected to have, at a minimum, two usable smart phones, per family member. iPhone? Frankly, fuck that shit. Too expensive.

Android, I can manage it. But doing that for all family members is not financially viable.

Also I do use a password manager and an encrypted text file. (Not smart, I know. The file is basically a backup)

But I really cannot expect people like my mother to understand how to set up a passkey. Much less, how to set up multiple for the off chance one is lost. Add onto the fact that Yubikey does not support twins, and many services do not support multiple passkeys.

In terms of computer literacy, using my mother as a baseline (age: mid-50s), the current passkey system is non-viable.


> Except, you can't sync the iPhone's passkey with non-Apple products

So just make multiple passkeys on the different platforms/devices.

> So now I am expected to have, at a minimum, two usable smart phones

No, you can have passkeys on laptops and desktops. It doesn't need to be a phone. Hardware tokens can be had for like $20.


The "how do you recover from zero devices" problem is a real one. It's not a problem at work because you have a root of identity and access to a human (your IT dept) who can reset you. For public services like Google, if you lose your recovery methods then go fuck yourself.

Something I know is the only authentication method that can't be physically destroyed. When your customers are the masses every failure mode that can happen will happen, usually at the most inconvenient time.

What sucks about passkeys in abstract is that you want at least two failure modes that are uncorrelated— you're unlikely to forget your password and have your house burn down at the same time. Passkeys consolidate everything into physical possessions which can be and are destroyed all at once.



