The FIDO Alliance is aware of passkey lock-in, and it’s actively working to address that:

With all relevant operating systems now natively supporting passkeys, companies have been increasingly adopting them as an alternative to passwords. Relying on passkeys minimizes the risk of getting hacked, as users don’t have access to their cryptographic keys, and intercepting them is significantly more challenging. However, those switching between different service providers may prefer traditional passwords, as there’s currently no easy way to import or export passkeys. To minimize the friction separating distinct platforms, the FIDO Alliance is working on a solution that makes moving passkeys between them a breeze.

The FIDO Alliance has published (via Neowin) a working draft encompassing specifications that would make moving passkeys between providers possible. When implemented, users would be able to securely import and export their passkeys, making switching platforms less challenging. Read more of the article.


More

The Register: AWS is pushing ahead with MFA for privileged accounts. What that means for you.

AWS is making multi-factor authentication (MFA) mandatory for privileged users, specifically management account root users…

Read More →

IT Brew: FIDO Alliance announces identity-proofing certification

FIDO’s Face Verification Certification tests for security, liveness, and bias in remote identity verification technology…

Read More →

Find Biometrics: ID Talk: Passkeys, Standards, and Selfie Certification with FIDO’s Andrew Shikiar

Andrew Shikiar, FIDO’s Executive Director and CEO, discusses key topics in authentication and identity security…

Read More →