@bitprophet @glyph Mozilla recommends that sites nudges users to delete alternative login methods?
https://developer.mozilla.org/en-US/docs/Web/Security/Authentication/Passkeys#migrating_from_passwords

My understanding is that extensions in chrome and Firefox can see what the browser see. Let's say ublock gets compromised, and my browser is connected to e.g. keepass. Can ublock steel my private keys?

Just saying. This is what I fear. Maybe I misunderstand. But passkeys just seem to me to require trust of too many applications and third parties and even myself.

@glyph @bitprophet this. I used yubikeys a bit 10 years ago. Found it annoying when I didn't have my key. Also worried about colleagues finding and using my key. Today passkeys rely on a us big tech corp relay partner. Or I need to conect keepass to my browser ( attack surface) which i prefer not to. So... I understand that passkeys is more secure, but the trade offs are unfavorable I think.

I'll be happy if I am wrong.