Apple, Google, and Microsoft want to kill the password with “Passkey” standard
The standard is being called either a “multi-device FIDO credential” or just a “passkey.” Instead of a long string of characters, this new scheme would have the app or website you’re logging in to push a request to your phone for authentication. From there, you’d need to unlock the phone, authenticate with some kind of pin or biometric, and then you’re on your way.
This sounds fantastic. I want to learn more about the implementation details though. For instance, what if you switched from iOS to Android, how would your passkeys transfer over? Or what if you don’t want to use Apple or Google to store/backup your passkeys, can you use a 3rd party?