40
Passkeys are just passwords that require a password manager
(danfabulich.medium.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 05 Aug 2025
40 points (91.7% liked)
Hacker News
2200 readers
406 users here now
Posts from the RSS Feed of HackerNews.
The feed sometimes contains ads and posts that have been removed by the mod team at HN.
founded 11 months ago
MODERATORS
They do care, because it adds up at scale.
Google, MS, and Meta each have millions of accounts they manage. Billions for Meta. Their the ones pushing this.
The average user needs 2 resets a year at the enterprise level. Let's say that the Meta self-service system uses $0.01 in total costs to process one request. For Meta alone, that's $20 million a year, not even taking into account all the shitty "fraud prevention" stuff they have to go.
So if you can change your system to make the grandma that's driving up the average have to use a passkey, it saves Meta money - AND gives someone managing the passkey more granular data access. It doesn't help Grandma out at all, all things considered.
https://www.bleepingcomputer.com/news/security/the-true-and-surprising-cost-of-forgotten-passwords/