I've flagged this as a low value submission, despite the fact that I'm the author the linked social media post. It's not much more than a little rant.<p>However, I will give credit to the comment <a href="https://news.ycombinator.com/item?id=37837124">https://news.ycombinator.com/item?id=37837124</a> on the submission "Passkeys are now enabled by default for Google users" <a href="https://news.ycombinator.com/item?id=37832585">https://news.ycombinator.com/item?id=37832585</a> for the link to the 1Password AMA: <a href="https://old.reddit.com/r/1Password/comments/16to6x7/hey_reddit_were_the_team_behind_passkeys_in/k3g1kz5/" rel="nofollow noreferrer">https://old.reddit.com/r/1Password/comments/16to6x7/hey_redd...</a><p>I did write a longer blog post on the subject a number of months ago: <a href="https://news.ycombinator.com/item?id=35854216">https://news.ycombinator.com/item?id=35854216</a> (176 comments)
> <i>The only way to avoid vendor lock in is to allow passkeys to be persisted unencrypted.</i><p>Is this true? Naively I’d expect there to be a two-key solution that would allow Vendor A to transfer passkeys to Vendor B without requiring them to be stored unencrypted. Is the issue just that the two vendors have to trust each other (as opposed to just both being trusted by the user) for that to work?