Émilio Gonzalez

Apple will implement the FIDO Alliance's new protocol to export and import #passkeys between providers! This will remove vendor lock-in for passkeys, one of the major current problems with it. Google and Microsoft should follow soon with their implementation.

https://arstechnica.com/security/2025/06/apple-previews-new-import-export-feature-to-make-passkeys-more-interoperable/

Coming to Apple OSes: A seamless, secure way to import and export passkeys

Apple OSes will soon transfer passkeys seamlessly and securely across platforms.

Ars Technica
Jun 15 at 5:20pmWeb
Show threadCJ MaloneJun 16
@res260 but will they allow you to export to any apps?
Show threadÉmilio GonzalezJun 16
@CjMalone @res260 Yes that's the goal! The app needs to support the protocol for it to work
Show threadCJ MaloneJun 16
@res260 including Open Source programs? Including KeyPass?
Show threadÉmilio GonzalezJun 16
@CjMalone @res260 It should, as long as keepass implements the Credential Exchange Protocol: https://fidoalliance.org/specs/cx/cxp-v1.0-wd-20241003.html
Credential Exchange Protocol

Show threadCJ MaloneJun 16

@res260 I'll believe it when I see it, until then, last I heard was KeyPass being threatened with being blocked because they allow local backups.

https://github.com/keepassxreboot/keepassxc/issues/10407#issuecomment-1994182200

[Passkeys] should never be exported in clear text · Issue #10407 · keepassxreboot/keepassxc

Overview Passkeys should never be allowed to be exported in clear text. There is significant work going on across the industry on a secure migration protocol for credentials like passkeys. Please c...

GitHub
Show threadÉmilio GonzalezJun 16
@CjMalone @res260 I'm not sure how your link supports your comment? 🤔
Show threadÉmilio GonzalezJun 16
@CjMalone @res260 Nvm just re-read
Show threadÉmilio GonzalezJun 16
@CjMalone @res260 I'm not sure if Apple will limit the exchange to on-device apps. The CEP allows to exchange creds to apps on-device and apps to other devices.