Wasn't the point of passkeys that they aren't exportable and are device/hardware-bound? If you can export your passkey and use it on another device then it's just an autogenerated password, no?
For anyone not using one: You can export, CSV file being most common format, all your logins and date from most password managers and import into another, but at present it doesn't export 2fa.
So if you setup TOTP (authentication code) and move password managers you would need to login to each individual account and remove the 2fa and then add it again.
Wasn't the point of passkeys that they aren't exportable and are device/hardware-bound? If you can export your passkey and use it on another device then it's just an autogenerated password, no?
For anyone not using one: You can export, CSV file being most common format, all your logins and date from most password managers and import into another, but at present it doesn't export 2fa.
So if you setup TOTP (authentication code) and move password managers you would need to login to each individual account and remove the 2fa and then add it again.
Meanwhile we have members of the FIDO Alliance threatening to revoke attestation of open source tools for even considering doing the same thing...
Definitely rules for thee.
Indeed.
FIDO need to officially step up and apologise for those comments if they want any trust whatsoever here.
Now if only they'd allow non attestable passkey implementations for Apple accounts.