I’ve been struggling to get my head around the idea that a passkey, which can be a PIN on your phone, or facial recognition, can be safer than using a complicated password, and two factor authentication.
I get that having something unique to your device, not stored on a company’s server is unphishable, and less hackable by cybercrims, but what if your phone is nicked and someone guesses the password? And what if you lose your phone?
Sorry if that sounds simplistic, but I am genuinely stumped to understand why the UK’s National Cyber Security Centre and others who know about these things are so sold on passkeys. Can anyone who’s used them enlighten me? Martin Avis, Chester
Post your answers (and new questions) below or send them to nq@theguardian.com. A selection will be published next Sunday.
