Passkeys Adoption

Hi, I watched through the video for passkeys and I have a couple of questions about passkeys adoption cross-channel/platform. When I try to log in from a PC for an account for which I have a passkey generated from the app, the PC browser generates a QR code, iOS acts as the authenticator on the scan of the QR code and logs the user in. Now,

  1. For subsequent logins, will the PC user still be shown the QR code, or are the QR code and the authenticator from iOS just a one-time step for enrollment, so that for logging in subsequent times the browser can take care of it?
  2. Will there be any second public/private key pair generated from the PC to handle subsequent logins?
  3. If not, does the iPhone need to be in close proximity every time?

My question is more about the keys generated for the PC browser and subsequent logins from the PC. Can you please throw some light on the above questions?

Answered by Systems Engineer in 717103022

Great questions!

  1. A new QR code will be shown each time.
  2. This is up to the service you're signing in to. That website or app will be able to see that you signed in across devices, and we recommend that it offers the option for you to create an additional passkey on the client device. This would require an explicit registration step on the client device after you're signed in.
  3. If the service does not offer the option of enrolling an additional passkey, or you opt out of doing so (e.g. because the client is a shared device), then yes, the phone will need to be in proximity every time.
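
One way a service could act on point 2 of the answer above, as an added example that is not part of the original thread or Apple's code. It uses the WebAuthn `authenticatorAttachment` value to detect a cross-device sign-in and builds the options for the explicit registration step; the function names, the `sharedDevice` flag and the sample objects are assumptions made for illustration.

```javascript
// Added example. `credential` is the PublicKeyCredential that
// navigator.credentials.get() returned for the sign-in just completed.
// authenticatorAttachment is "cross-platform" when the assertion came from
// another device (the QR-code flow, or a roaming security key) and "platform"
// when the passkey lives on this device.
function shouldOfferLocalPasskey(credential, { sharedDevice = false } = {}) {
  if (sharedDevice) return false; // user opted out, e.g. a shared PC
  return credential.authenticatorAttachment === 'cross-platform';
}

// Build PublicKeyCredentialCreationOptions for the explicit registration step.
// `challenge` must be freshly issued by the server; `knownCredentialIds` are the
// credential IDs already registered for this account (hypothetical parameter names).
function buildLocalPasskeyOptions({ rp, user, challenge, knownCredentialIds }) {
  return {
    rp,
    user,
    challenge,
    pubKeyCredParams: [
      { type: 'public-key', alg: -7 },   // ES256
      { type: 'public-key', alg: -257 }, // RS256
    ],
    authenticatorSelection: {
      authenticatorAttachment: 'platform', // create on this device, not the phone
      residentKey: 'required',             // discoverable credential (passkey)
      userVerification: 'required',
    },
    // Refuse a second registration on an authenticator that already holds one.
    excludeCredentials: knownCredentialIds.map((id) => ({ type: 'public-key', id })),
  };
}

// Browser-only: run the registration ceremony; the result goes to the server,
// which stores the new public key alongside the phone's.
async function enrollLocalPasskey(options) {
  return navigator.credentials.create({ publicKey: options });
}

// Constructed sample assertion results (only the field the check reads).
const viaPhone = { id: 'constructed-id-1', authenticatorAttachment: 'cross-platform' };
const viaThisDevice = { id: 'constructed-id-2', authenticatorAttachment: 'platform' };
```

Once the second passkey is registered, the browser can satisfy later sign-ins with it directly; without it, every sign-in on that PC repeats the cross-device flow.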

Thanks for responding.

Can you please confirm if the below conclusion holds true?

If the PC browser is WebAuthn compliant along with WebAuthn BE services, and if the user has opted for saving a passkey equivalent in that browser [registered], then the QR code won't be shown to the user the subsequent time and the phone doesn't need to be in proximity.
