I get that, and I appreciate you sharing.

That doesn’t sound too bad then. Thanks.

Agreed. “Here’s a comic and also use my totally legit web site for your search traffic”

The available food is mostly things they can pop into the fryer: Think fish and chips, except you can also choose “planks” of chicken breast, or breaded shrimp, or little balls of seasoned dough called “hush puppies”.

My wife hates them, and they’re an occasional guilty pleasure for me.

Are you sure? TOTP secrets can be exported. I think passkey implementations explicitly prevent that. Unless I’m missing an option to export passkey creds, e.g. print them out.

That same disaster recovery feature (which I need) also helps avoid a future where every forum and avenue of dissent requires dis-repudiation via passkeys. It’s a weird nuance, ascribing a social effect to a simple ability to back up your keys without backing up your whole phone.

How does that protect against “only you could have logged in because this passkey is only on your phone”?

Passkeys make plausible deniability more difficult. “This user name isn’t necessarily associated with my real world identity” permits some important good things.