This amazing impromptu interview is a great example of why anyone building or using a centralized web based service needs to switch to a password less authentication system, ideally supporting hardware tokens like a Yubikey.  

Your grandma can't be scammed out of her password if there is no password or SMS 2FA or anything like that to give the person on the phone scamming her. 

I hope new systems like Passkey become ubiquitous. Sure if you use Google or Apple for your keystores it's not ideal, but still a big improvement.  And there's no lock-in saying you HAVE to use a hosted keystore/password manager, it's an open standard with multiple open-source implementations. </end_rant>

https://passkey.org/

nostr:note14qremgdht7kpvymmaezhds2wmw42l89z0hcspjg2n4cn6ljcu5vsn0nush