Hacker News

Someone1234, yesterday at 7:47 PM (5 replies)

True. But then your hardware dies, and you're locked out of every account you own. It is objectively good security, but has a ton of usability headaches yet to be really solved.

I've seen orgs move to passkeys only, then offer reset questions (e.g. city of first job, etc.) because the customer service volume/workflow wasn't figured out.


Replies

kenniskrag, today at 5:40 AM

> But then your hardware dies

A lot of services have password reset email features. If the email account has a passkey, you're screwed. Restore by snail mail can be possible but slow (for paid services). More secure? Don't know, but it's the same category of problems already known from SIM swapping attacks in the mobile sector. But for sure the mail account is a high-value target.

Storing passkeys in a database may be possible but is complex to do right, e.g. backup verification, avoiding leaks during backup, etc.

jazzyjackson, yesterday at 7:50 PM

oh lawd, yes it does come down to 'who has the power to reset your account', and very few people want to take the path of 'no one has the power' in the case of lost credentials.

alterom, yesterday at 8:12 PM

> your hardware dies

Or your backpack gets stolen.

Oops.

I swear, people who idolize passkey security must never travel anywhere.

PS: "just have more devices with passkeys", they invariably say.

Yeah right because people are made of money, everyone has the forethought, and a 2nd laptop in the US is a great asset when you're in Poland and can't login anywhere.

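The lockout scenario in the top post and in the reply above ("hardware dies", "just have more devices with passkeys") is something a relying party can actually measure at registration: WebAuthn Level 3 authenticator data carries Backup Eligibility (BE) and Backup State (BS) flags that tell a synced passkey apart from one bound to a single device. The following is an added example, not code from the thread or from any vendor: it parses a registration `authenticatorData`, reads those flags, and applies a hypothetical recovery policy (warn when an account's only passkey is device-bound). The relying party ID `example.com`, the sample credential bytes and the policy thresholds are all constructed for illustration.

```python
"""Relying-party check for the 'my only passkey died' lockout risk.

Parses WebAuthn authenticatorData (rpIdHash || flags || signCount ||
attestedCredentialData) and reads the BE/BS flags to classify a passkey as
synced or device-bound, then scores an account's recovery coverage.
All sample data below is constructed; the policy is an assumed example.
"""
import hashlib
import struct
from dataclasses import dataclass

RP_ID = "example.com"  # assumed relying party ID for the constructed samples

# Flag bits of the authenticatorData flags byte (WebAuthn spec, section 6.1).
FLAG_UP = 0x01  # user present
FLAG_UV = 0x04  # user verified
FLAG_BE = 0x08  # backup eligible: credential may be synced to other devices
FLAG_BS = 0x10  # backup state: credential is currently backed up
FLAG_AT = 0x40  # attested credential data follows the sign counter
FLAG_ED = 0x80  # extension data present


@dataclass(frozen=True)
class Credential:
    aaguid: bytes
    credential_id: bytes
    backup_eligible: bool
    backed_up: bool

    @property
    def synced(self) -> bool:
        # Eligible and currently backed up: survives loss of the registering device.
        return self.backup_eligible and self.backed_up


def parse_registration_auth_data(auth_data: bytes, rp_id: str = RP_ID) -> Credential:
    """Extract the AAGUID, credential ID and backup flags from a registration response."""
    if len(auth_data) < 37:
        raise ValueError("authenticatorData shorter than rpIdHash||flags||signCount")
    if auth_data[:32] != hashlib.sha256(rp_id.encode()).digest():
        raise ValueError("rpIdHash does not match this relying party")
    flags = auth_data[32]
    if not flags & FLAG_AT:
        raise ValueError("registration must include attested credential data")
    if flags & FLAG_BS and not flags & FLAG_BE:
        raise ValueError("BS set without BE is invalid")
    aaguid = auth_data[37:53]
    (cred_len,) = struct.unpack(">H", auth_data[53:55])
    cred_id = auth_data[55:55 + cred_len]
    if len(cred_id) != cred_len:
        raise ValueError("truncated credentialId")
    # The COSE public key that follows credentialId is not needed for this check.
    return Credential(aaguid, cred_id, bool(flags & FLAG_BE), bool(flags & FLAG_BS))


def recovery_coverage(creds: list) -> str:
    """Hypothetical policy: 'covered' if a synced passkey exists or at least two
    device-bound ones do; 'single-device-bound' is the lockout case; 'none' otherwise."""
    synced = [c for c in creds if c.synced]
    device_bound = [c for c in creds if not c.synced]
    if synced:
        return "covered"
    if len(device_bound) >= 2:
        # The RP cannot prove these live on separate hardware (AAGUID names a
        # model, not a device); it can only require more than one credential.
        return "covered"
    if len(device_bound) == 1:
        return "single-device-bound"
    return "none"


def build_auth_data(flags: int, aaguid: bytes, cred_id: bytes, rp_id: str = RP_ID) -> bytes:
    """Constructed sample authenticatorData (AT is always set for registration).
    The trailing bytes stand in for the COSE public key and are not a real key."""
    return (hashlib.sha256(rp_id.encode()).digest()
            + bytes([flags | FLAG_AT])
            + struct.pack(">I", 0)            # sign counter
            + aaguid
            + struct.pack(">H", len(cred_id))
            + cred_id
            + b"\xa5\x00")                    # placeholder, not a COSE key


# Constructed samples: one synced passkey, two device-bound ones from a hardware key.
SAMPLE_SYNCED = build_auth_data(FLAG_UP | FLAG_UV | FLAG_BE | FLAG_BS, b"\x00" * 16, b"synced-cred-1")
SAMPLE_DEVICE_BOUND = build_auth_data(FLAG_UP | FLAG_UV, b"\x11" * 16, b"hwkey-cred-1")
SAMPLE_DEVICE_BOUND_2 = build_auth_data(FLAG_UP | FLAG_UV, b"\x11" * 16, b"hwkey-cred-2")

if __name__ == "__main__":
    for label, blobs in [("synced only", [SAMPLE_SYNCED]),
                         ("one hardware key", [SAMPLE_DEVICE_BOUND]),
                         ("two hardware keys", [SAMPLE_DEVICE_BOUND, SAMPLE_DEVICE_BOUND_2])]:
        creds = [parse_registration_auth_data(b) for b in blobs]
        print(f"{label}: {recovery_coverage(creds)}")
```

Run as a script to see the three policy outcomes. The useful operational point is the `single-device-bound` result: that is the account that will need the reset questions or snail-mail process the thread describes, and the RP knows it at enrollment time, before the hardware is lost.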
themaninthedark, yesterday at 10:10 PM

At my work we required a complex password: <15 characters, lower + caps, numbers and symbols.

Updated to Windows Hello and passkey.

Now I can use a 4 digit pin to login.

Barbing, yesterday at 9:27 PM

> It is objectively good security, but has a ton of usability headaches yet to be really solved.

Thank you, then this is still true today?

Disappointing the rollout was botched (recall cross-platform and password manager difficulties). Haven't done research since, but even with some new UIs and flows promoting passkeys in the past couple of months, it hasn't regained my trust either.