If this gets implemented it will be the first step in showing that passkeys are a viable alternative to passwords in a meaningful way.
That is, there is no vendor lock in to multinational corps only interested in their bottom line and selling your data. They aren't tied to a device that can be lost, stolen or broken, or requiring you to have multiple devices just in case; and not tied to biometrics.
Lastly this means there is a proper open source, offline version that is portable across devices, browsers, and ecosystems. Putting the user back in control.
Absolutely, this is the one reason I'm not interested in passkeys yet. I want to fully own my authentication keys myself. Not trusting Google or Microsoft for that.
I hope it comes to zx2c4 pass too <3
I don't understand which part of FIDO/WebAuthn requires "trusting Google or Microsoft"?
The part where they are the sole implementors of the spec.
What do you mean? I run Keycloak for my home lab authentication needs and can use my YubiKey as a Webauthn factor from Firefox running on my Linux PC.
The only part where MS comes into the picture is the "Microsoft Windows" sticker on the bottom of the laptop, since HP shipped windows pre-installed.
Even forcing people to buy yubikeys is an antipattern.
We shouldn’t be forced to spend money at any company. Where are the Free (beer and Libre) methods??
I think there was also an implementation for mac os based on the t1/t2 chip, but since I've never had such a mac, I've never looked properly into that. But that probably means that you could roll your own.
A quick google search yields this for Linux with a TPM: https://github.com/psanford/tpm-fido