@ente is it right that you still require a password and user name and the “passkey” only functions as second factor? That’s not really what a passkey is intended for this seems more a second factor via hardware key implementation. Not saying this is a bad idea, it’s obviously more secure but just wondering your take on this.