Hacker News new | past | comments | ask | show | jobs | submit login

Are they not private keys that shouldn't be synced across devices? I thought icloud facilitated automatic creation of passkeys for each device, not actually sharing the same passkey across devices?



That's the crux of one of the debates... members of the FIDO Consortium threatening KeePassXC and other open source tools with blocking for sharing "roaming keys", meanwhile "Oh, Apple wants to share keys via AirDrop? No problem", which is one of the concerns, that it's yet another "push users to Apple and Google's tool of choice".


There are two types of passkeys (1) resident, hardware-bound, non-copyable, installed on Yubikey etc., and (2) non-resident, copyable.

Technically, by not being copyable, a resident key isn't a "Passkey," but that's just terminology and it serves the same purpose as a passkey.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: