“Passkeys and the WebAuthn specification were intended to make public key cryptography accessible to average users, rather than just the domain of the tech-savvy. If done right, they could seriously improve security on the Web.” @Drbruced summarises why passkeys are such a good idea in theory and explains where current implementations of the technology fall down in practice.