Join the conversation in the comments below for a chance to get your questions answered by the Chrome team. 👇👇🏻👇🏿👇🏽 👇🏾👇🏼

It would be nice to skip the page where you press the "Next" confirmation button to ask if you want to log in with the pass key and automatically display the authentication screen. If it's set as the default authentication tool, I think we should make sure to choose an option or fail it.

FedCM FTW! Thank you !!

As a developer I am excited about this authentication method build on top of Webauthn. As a - sometimes a bit paranoid - user I fear that I'd have to use the OS or browser vendors credential managers to sync the private keys instead of FOSS and storage of my choosing. I curious about the way this will develop.

Good video, thanks.

Thanks

Hello, thank you for the explanation, but how can one change from two factors authentication, (like Google or Apple) to passkey, or whether any website or app, they must first give way to use passkey?

Could passkeys be the sole method for signing up and logging in, or does it need to rely on a traditional authentication mechanism? And is it still necessary to have the user enter a unique username or email address?

Does this make it possible to create anonymous user authentication? It seems this removes the need for a unique identifier such as email addresses for users to log in, in that case there is no need to know the identity of the user. Really cool for privacy-first apps!

As I understand there are Roaming authenticators (Phone, USB, etc) and Platform authenticators (Laptop, Desktop). When I experimented last there was issue if user creates account on website using a platform authenticator which is likely more convenient, then later they try login to the account from their phone, but they can't since it is a different device. From what I understood in the video, FIDO's solution to mitigate this is to allow syncing credentials across devices. Can you explain more about this works? It was my understanding these credentials don't leave the TPM (Trusted Platform Module) and I didn't understand how they could be shared. It seems like the boundary between Roaming and Platform is less clear now, and perhaps doesn't matter. Although the synchronization may be extra level of complexity for users.

whats the word on using a passkey on a shared account. for example i shared a profile with 2 others can I safely add a passkey that only I will use?

What happens when the user deletes created passkey? How can I bind this user with an account in my service?

Is there a solution for situtations when the phone is stolen or broken that also non-technical users can understand?

Can I use a passkey to sign into my Chromebook?

For example, passkey is on in my google account and my phone was stolen and then I bought myself a new phone. My question is how do I log in with the passkey on the new phone?

01:32 "as a developer you only store a public key instead of a password" - why would you as a developer store a password instead of password hash?

What the differences with normal webauthn？

So far a great presentation, and I expect the presenter is likely a great engineer at Google. So props to him. But for a presentation like this, would it not make sense to have someone who is more fluent - or rather, has less of a foreign accent - to actually present it? No disrespect to anyone intended, I just wonder at the idea.