Device-bound — Passkeys Updated

Yes, losing the device becomes a bigger deal. (Backup codes or a second hardware key solve that.) And yes, it’s slightly less convenient than cloud sync.

Imagine a world where "hacking your password" is impossible—not because your password is a 20-character monster of symbols you can’t remember, but because the key to your account literally never exists on a server to steal.

These keys are forged inside a single piece of hardware—your YubiKey, your Pixel’s secure chip, or your Mac’s Secure Enclave—and they never leave . Not for backup. Not for sync. Not for a friendly "hey, share this with your tablet." device-bound passkeys

Because even if a hacker steals your laptop’s hard drive, breaks into your password manager, or tricks you into clicking a phishing link that looks exactly like your bank… they walk away empty-handed. Without your specific, physical device in their hand, the key simply doesn’t work.

Device-bound passkeys are the seatbelt of the modern web: slightly less comfortable, but you’ll be glad you used them the day someone tries to break in. Yes, losing the device becomes a bigger deal

That world is here. They’re called .

They are bound to that device by physics and cryptography. These keys are forged inside a single piece

You’ve probably heard of passkeys: the shiny new "password killer" from Apple, Google, and Microsoft. Most are synced passkeys—they float across your devices via the cloud. Convenient? Yes. But they share a subtle weakness: a sophisticated attacker who compromises your iCloud or Google account could potentially clone those keys from afar.