A lot of services support passkeys. Microsoft even has an option to make my account “passwordless”. Since they are more secure than passwords, will you be switching some / most of your accounts to passkeys any time soon? Interested to hear everyone’s thoughts on passkeys. 🔑
Passkeys (depending on implementation) are more resistant to info stealer viruses.
The private key portion can be in your OS’s credential store and can be used to sign the challenge without being revealed to the calling application.
Of course this doesn’t work if you got rooted, but a lot of viruses of this kind try to steal what they can get as a regular user, and you can get a lot, ie AWS credentials, saved browser passwords etc.
In my view it’s cheap defense in depth.