| ▲ | chimeracoder 9 days ago | ||||||||||||||||
> The without recourse is the part that matters... Yes, and I'm saying that part isn't accurate either for the story you're portraying with passkeys or for the status quo. That's not how account recovery flows work. | |||||||||||||||||
| ▲ | mvieira38 9 days ago | parent [-] | ||||||||||||||||
With passwords, no account was even lost in the scenario for a recovery flow to start. An account recovery flow is only necessary because of the superfluous extra security, which will almost inevitably introduce more attack vectors than before (such as a social engineering attack through customer service) if the banks want to service customers like grandmas. | |||||||||||||||||
| |||||||||||||||||