Please, please, please stop using passkeys for encrypting user data ↗ ↖

When you overload a credential used for authentication by also using it for encryption, the ‘blast radius’ for losing that credential becomes immeasurably larger.