I went through the white paper, yet still don’t completely understand how it is supposed to work cross device, granted I’m new to Fido.
Let’s say I have the same key synched between my laptop, smartphone and tablet. When I wake up in the morning, will there be a ceremony of unlocking my phone (standard non Fido way I guess?) then unlock my tablet from my phone, then the laptop from one of unlocked devices ? With some more costly backup process in case I only physically have one of the device I guess ?
Sync in this situation means that the actual private key being used to sign in with the website is stored in a password manager as if it were a password, and the service vendor (iCloud Keychain[0] for example) is the one that syncs the key to other devices utilizing that password management service.
But this 'passwordless' trend is more about signing into websites - If they do implement singing into other devices, I don't think many people will do it (but it's possible - Windows Hello already allows you to sign in with a security key and disable signing in with the MSA password).
I think the other reply here might be missing something because while I have not read the whitepaper, the announcement touts these two benefits of deeper FIDO commitment:
> 1. Allow users to automatically access their FIDO sign-in credentials (referred to by some as a “passkey”) on many of their devices, even new ones, without having to re-enroll every account.
> 2. Enable users to use FIDO authentication on their mobile device to sign in to an app or website on a nearby device, regardless of the OS platform or browser they are running.
Point number 2 directly invokes cross-device, cross-platform authentication. It sounds like "you can use your iPhone or Android to sign into a website on your Windows PC" to me. Whether passkeys might actually sync between iCloud keychain and whatever Microsoft offers seems unclear but much less likely
Let’s say I have the same key synched between my laptop, smartphone and tablet. When I wake up in the morning, will there be a ceremony of unlocking my phone (standard non Fido way I guess?) then unlock my tablet from my phone, then the laptop from one of unlocked devices ? With some more costly backup process in case I only physically have one of the device I guess ?