Passkey is some sort of specific unique key to a device allowing to use a pin on a device instead of the password. But which won’t work on another device.
Now I don’t know if that key can be stolen or not, or if it’s really more secure or not, as people have really unsecure pins.
But it becomes much easier if you want to compromise a specific target individual
No, not really.
Even if you want to target a specific user, it doesn’t become necessarily easier.
Unless you happen to target an individual that combines good password OpSec with shitty phone OpSec.
But I would expect those to be a minority.
Hi, yes, I am that minority
I have a 37 character password with both cases, numbers and special characters to login to my pw vault using long random strings
My phone has a swipe pattern lock since that is the safest lock option it allows in the first place. I wish I could lock it better, but the only other options available to me are a 4 character pin, and fingerprints/facial scan. I hope the problems with those are obvious
Couple that with the fact that I have a daily predictable commute in public transit where I have a habit to put my phone next to me during breakfast and you have a recipe for disaster.