Absolutely. Depending on your threat model a password manager is exactly the same sort of "single point of failure" as Microsoft's "passwordless" implementation with a worse added huge information disclosure risk on a successful attack.
It's more reason I consider our current collective "password" approach broken. Passwords don't scale at a human level and password managers full of "random garbage" passwords are a great workaround for that, but they have their own threat models and risks and accidental information disclosures to worry about. I believe we need to keep in mind that it is a workaround.
It's more reason I consider our current collective "password" approach broken. Passwords don't scale at a human level and password managers full of "random garbage" passwords are a great workaround for that, but they have their own threat models and risks and accidental information disclosures to worry about. I believe we need to keep in mind that it is a workaround.