--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/493eec24-5229-4258-a99f-7ead74c75f03n%40fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/CACZ9TyCWd_GMkqcrAzJUPNs9MycTWk0rXGyOV2Lo2e%3Dc%3DzwidQ%40mail.gmail.com.
If passkeys become a universal form of multi-factor authentication, organizations should indeed have the option to choose between sync-enabled passkeys and non-sync-enabled passkeys. This flexibility would allow organizations to align their security policies with their specific needs and risk profiles.
Additionally, in the general case, browsers should prompt users for consent before syncing passkeys across devices via cloud services like Google or Apple. This ensures that users are fully aware of where their credentials are stored and can make informed decisions about their security and privacy.