> Consider passkeys as a standardized interface for password managers.
I have not followed WebAuthn spec for a while but I vaguely remember that the spec discouraged software-only authenticators.
Which made me feel like WebAuthn is yet another attempt to take the power from users and even states and concentrate it in the hands of a few multinationals controlled by US government.
Pretty much what happened to Certificate Authorities and the push to use HTTPS everywhere.
Of course there are benefits to HTTPS Everywhere and to passwordless authentication.
But they do not outweight concerns over the digital autonomy of my country.
For ordinary websites none of the existing platforms support WebAuthn attestation AFAIK, because the spec for attestation was not designed with key synchronization in mind, which is a key use case; otherwise, basic features like Keychain synchronization via iCloud would not work and the whole thing would be DOA. Synchronization is widely considered to be a core necessity to match the functionality of existing password managers.
I believe you can enforce attestation using MDM and a custom app as far as I'm aware. But for general people using Safari or whatever, you can't request any kind of device attestation.
1Password supports passkeys, and I am sure that others do as well.
Given the convenience factor (no extra install), I imagine that device/platform passkeys to be the most popular, but there should be no problem with using alternatives.
I have not followed WebAuthn spec for a while but I vaguely remember that the spec discouraged software-only authenticators.
Which made me feel like WebAuthn is yet another attempt to take the power from users and even states and concentrate it in the hands of a few multinationals controlled by US government.
Pretty much what happened to Certificate Authorities and the push to use HTTPS everywhere.
Of course there are benefits to HTTPS Everywhere and to passwordless authentication.
But they do not outweight concerns over the digital autonomy of my country.