I had high hopes for them, but so far I'm not convinced. It's been a messy user experience trying to get them setup and working reliably with 1Password

Regarding magic links, I think it heavily depends on the type of application. I would never want my banking access to be protected by just my email address. That seems insane. I get the allure of it, because then developers (and companies) can simply say "not my problem" and move on, but there are plenty of SSO options that can handle this for you. In my personal opinion, this sounds a bit like trying to say, "This is more secure because now you have one key that unlocks your house, your cars, your safe with all your valuables, and everything else you own." It seems to ignore that most people will typically leave this same important key lying around on every one of the devices they use, typically protect access to it with only a 4-6 digit pin or a simple password, and is often left completely unsecured in environments they feel "safe" in.

@@Pygon2 if someone has your phone, you are screwed. The same with your email. But again, the future and real long term answer is passkeys. I plan to move all of my apps to 100% passkeys in the next year