Unless I can back it up and import it into a new device from a competitor, then there is no way I am going to use this unless forced. I do not trust one company anymore.
Yes, this! Without a export/backup function for these data, you could easily lose access to nearly everything and the lock-in effect would also be something currently unseen.
There's nothing to backup/import. If you have an iPhone, you use your fingerprint or Face ID. If you sell your iPhone and buy an Android, you use your fingerprint or face recognition on that device.
That doesn’t sound correct. It’s not the finger print which identifies you to the website, it’s the public private keypair.
The private key is stored in the device’s Secure Enclave. It’s the face and fingerprint recognition which authenticates to the Secure Enclave in order to retrieve the private key.
When purchasing an android phone, you do need to sync the private key to the new device. Hence Passkey, which uses iCloud as its secure and authenticated syncing scheme.
I haven't dug into the docs yet, but I don't quite follow this. How does it know that the ex-iPhone owner and current Android owner are the same person (and should have access to the same account)?
If you did switch ecosystems, you'd probably need to do the whole re-enroll dance on every website that had your previous key. I don't see any sort of passkey backup/import functionality coming anytime soon simply because people don't change ecosystems that often, and those that do can simply keep both their iCloud and Android-based passkeys on services.
Passkey works on non-Apple devices by showing a QR code on that device, having the iPhone scan it, then a BLE connection being established to allow the phone to remotely sign webauthn requests. I only mention ‘switching ecosystems’ in the sense of moving between Apple and Android mobile devices.
I know it does not. It's in the Cloud. I was referring to SIM and phone number when I was thinking potential way to recover.
Can you explain how a person can login into their iCloud and recover their iCloud Keychain after they have lost their only Apple device (iPhone) if Apple Passkey needed to access iCloud?
>To recover a keychain, a user must authenticate with their iCloud account and password and respond to an SMS sent to their registered phone number.
In other words. If you lose your iPhone (containing your SIM) you can't get access to iCloud or iCloud keychain until you have a new SIM with the same phone number from your carrier.
If you travel in a foreign country and lose your iPhone you are locked out of "everything Apple".
You can register VoIP and landline numbers as well, and nothing says the number must be yours; you can also add the number of a trusted family member or friend.
You can choose which preregistered number to send a message to (or to be called with a recorded voice) in the event you need access to your account in an emergency.
This also implies you have no other Apple devices which are signed into your account, as they will receive a code by default.
SMS works with password access as 2FA it's part of plan A in recovery.
None of the methods you mention are something that should be expected from normal users. Or they don't work when traveling. I travel a lot.
"There is a way you could set it up" does not mean Apple has a good solution. As I'm a person without family and only one iPhone I stay away. People who don't pay attention are fucked.
