@nikitonsky afaik, the 'long unique password' is a public key. The server does not have access to the private key. The passkey is tied to the website domain name. Passkeys cannot yet be moved between authenticators. Imo a different idea from passwords and password managers, better in many respects. Eventual UX story might be much nicer, short-term they’re unfamiliar and come with new UX challenges.(Have only used passkeys as a user, not yet as server operator. See also recent DHH/Hey comments.)