Passwords have problems, but passkeys have more

This rant is utterly factless and at an absolute novice level. It is correct that building a passkey-first system (without fallbacks) is not possible today, but that's like going all in on Google Social login and then ranting about why not all users can access the system.

&gt; we built the early authentication system entirely around [Passkeys]. It was not a simple setup!<p>it is though<p>&gt; Handling passkeys properly is surprisingly complicated on the backend,<p>it&#x27;s not though<p>&gt; but we got it done. Unfortunately, the user experience kinda sucked,<p>true<p>&gt; so we ended up ripping it all out again.<p>fair enough, but don&#x27;t couch that in misdirection about the spec and work involved.

The relying party not being able to assume the user can take one secret with them is a feature that comes with a cost.. The lack of a reference correct relying party library in each language is a reason that cost is too high.