This isn’t to blame the people working on the specs, or even the tools. It’s just the emergent reality of the various actors all trying their best.
Hardware-backed passkeys? Great security. Can’t be exported. Can’t be used without your device. Can’t be used without your device. Obviously this required that we create a solution where the passkeys could be used on another device besides the one you set them up on. Now passkeys can be exported.
Exportable passkeys are objectively still better than passwords or TOTP 2FA. But it’s also a marked downgrade from hardware-bound keys, and in a way that seems pretty transparent to the user.