Passkeys' Caveats

Back to home_

0x0c

Passkeys’s & Domains

 ››Latest

Passkeys are unique to domains (Relying Party ID)

0x0b

Passkeys’ Public Keys

 ››

Public key is only available during generation

0x0a

iCloud backups

 ››

Passkeys in iCloud are by default backed up.

0x09

Authenticators setup

 ››

Requests can force specific authenticators.

0x08

Public key in DER format

 ››

Webauthn exports the public key in DER format.

0x07

No p-384 keys support

 ››

Passkeys don’t support other keys other than p-256.

0x06

Client side key creation

 ››

Passkeys can be created from the dev tools pane.

0x05

Create workflow can err

 ››

Passkeys calls are error-prone, based on user input.

0x04

Length of rawId and id

 ››

Passkeys’s properties rawId and id aren’t consistent.

0x03

Available Passkeys

 ››

It is not possible to see what Passkeys a user has.

0x02

Username vs Display Name

 ››

It is unclear which property is displayed.

0x01

Rejected creation

 ››

Passkeys can always be rejected.

0x00

Secure context

 ››

Passkeys will not work in localhost.

Back to home_

By 0xjjpa.

MIT License'd code available in GitHub.

Last updated - Sun Oct 08 2023