> A key part of the recent push for passkeys has been cross device syncing with your Google / Apple / whatever password manager account, so you end up in the same situation: if you can log in to Bitwarden to access your passwords, you can log in to your password manager to access your passkeys.
Relying on Google/Apple is no better, with the stories of people losing access to their (Google in particular) account, and not being able to recover or let alone even reach a human at Google to begin with.
Why not have a public service for this, instead of relying on big tech that can just revoke your account for any number of ToS "violations" without recourse? The solution for "normies" should not be rely on and trust Google with your entire digital identity.
Getting the State involved is just a different, much worse threat actor than Google, though. From this discussion it should be evident how much more sovereignity passwords give you, if you want the State involved it should regulate websites' policies on passwords, such as: no service shall be hostile to password managers (special character bans, short limits on length, no pasting), no service shall require regular password resetting (proven to worsen security).
State involvement may be better used in policing, too. Public repositories of leaked passwords (without usernames, of course) would do wonders, for example
Google can ban me (really just one specific digital instance of me) from their services. The government can throw me in jail, take all my property, fine me whatever amount they want, etc.
Relying on Google/Apple is no better, with the stories of people losing access to their (Google in particular) account, and not being able to recover or let alone even reach a human at Google to begin with.
Why not have a public service for this, instead of relying on big tech that can just revoke your account for any number of ToS "violations" without recourse? The solution for "normies" should not be rely on and trust Google with your entire digital identity.