> But the new latest thing from Google+Microsoft+Apple is 'passkeys' or 'passwordless' authentication, where you won't have a password. Two-factor authentication will be device+biometric, with the biometrics performed on the device. 'The device' in this case will be your smartphone, or windows PC with TPM. Or maybe a biometric yubikey for 0.01% of users.
I don't believe it's restricted to Yubikeys with biometrics:
I don't believe it's restricted to Yubikeys with biometrics:
https://support.google.com/accounts/answer/13548313
"You can create passkeys on these devices:
- A laptop or desktop that runs at least Windows 10 or macOS Ventura
- A mobile device that runs at least iOS 16 or Android 9
- A hardware security key that supports the FIDO2 protocol"