Looks like a huge amount of security vendors are working to have a secure and open standard for passkey portability between platforms.
It is always good to see major collaboration in the security space like this considering the harsh opinions that users of some of these vendors have toward many of the others. I just wish apps and sites would stop making me login with username and password if passkeys are meant to replace that lol.
If they’re not portable how would I for example login to an account while on my Desktop, if I set up the passkey on my Phone?
You generate a second one on the other device.
Assuming that all services you log into support multiple passkeys. My auto financing company doesn’t, for example
There are already systems in place that allow temporary passkey sharing, for example with a QR code (CaBLE) https://www.corbado.com/blog/webauthn-passkey-qr-code
Doesn’t that imply you still have to open up your phone to temporarily share to your pc whenever you need it?
Yes but when you are logged in, you can add the passkey that belongs to the new device to your account
That doesn’t transfer the private key though (or at least it shouldn’t).
I’m pretty sure it’s just transferring public keys and signing the response with the private key on your phone.