> Some web sites have started to offer support for passwordless authentication using FIDO2 hardware keys. This offers similar security properties to SQRL (in some ways arguably better), while also being very simple to use.

Right.

> A major downside is difficulty of backup. The private keys are locked inside the hardware and cannot be accessed in any way.

That's a feature, not a bug. You buy at least 2 keys (1 backup), ideally 3 (2 backup).

As for SQRL, I never took anything serious at grc.com/Steve Gibson. He was all about snake oil 20 years ago, and probably still is.

This is much better, thanks.

Why is this better than WebAuthn? It looks almost the same but WebAuthn has much more support. It can use software-defined keys like Krypton though certainly it would be good for browsers to have standard APIs for this stuff.

This is a good write up! Thanks for adding