Just want to mention this as you presented WebAuthn and Passkeys as two separate technologies. Passkeys are made possible by the FIDO2 standard which is made up of Web Authentication (WebAuthn) and Client to Authenticator Protocol (CTAP). The confusion comes from WebAuthn MFA where credentials (Non-Discoverable) are stored on the server side/non-resident. Passkeys on the other hand are client side/resident discoverable credentials. Passkeys also have a option to sync to the cloud, across devices while WebAuthn MFA does not. The most important difference is that passkeys can be used as first-factor authentication whereas WebAuthn MFA can only be used as a second-factor after user registration with a password.

Great talk, thank you.

The entire reason I clicked this video was because I was hoping to learn more about magic links and then he spends two minutes on them and he's like "eh, they're ok but I don't like them". 🙃

Stop laughing like that during a lecture. And please, stop drinking while you are wihin a sentence.