My wife and myself have a need to share passkeys for various sites. As we don’t want to use an iCloud keychain, can we use an encrypted usb flash drive, that has a keychain on it to share passkeys between devices. At this stage we haven’t created any passkeys, thus I have no way of testing this method. Any comments or advice would be greatly appreciated.
There’s no harm or downside in creating a passkey, so I would recommend that you just try it with a site like eBay, Amazon, PayPal, or LinkedIn. I honestly cannot visualize how this would work with a USB stick—it feels like vastly more effort than is warranted. I would be entirely comfortable with sharing passkeys via iCloud Keychain, and Apple’s Passwords app is a fine choice at this point in time.
1 Like
@silvester
I’d say since passkeys play a key role in security, the best way to store passkeys on a portable USB device, if you must, is on a security key.
Why? When protecting valuable data or access to sensitive activities, you should not do anything unexpected or unsupported by your chosen security method. Passkeys aren’t meant to be handled like “regular” applications and files by design. Also, USB thumb drives are not well suited for long-term storage of data for many reasons.
——————————
Resources, if you’re interested:
2 Likes
Do you know of any sites that will disable your password after creating a PassKey? I’d be very afraid of being away from a trusted device and end up with no way to access my account.
Especially because I use multiple web browsers (Safari, Firefox, Edge, Chromium) on multiple operating systems (iOS, Android, macOS, Linux, Windows), and I know of no mechanism that can sync passkeys across all of them.
Literally none. Which is good from the standpoint of multi-browser, multi-platform access, but is bad from a security standpoint, since the website can then be breached and your password stolen.
I haven’t looked into the details, but I believe 1Password can sync passkeys among all those platforms and browsers.
I can confirm that I use the majority of my passkeys (42 as of today) in 1Password, and they definitely sync to other supported platforms. I do have 26 passkeys in the Apple keychain (the Passwords app) which work well on Safari across my Apple devices. In some cases (when the vendor supports it) I have a passkey from both defined with the site.
I find it interesting that some sites will allow you to log in solely with a passkey, while others will ask for your username first, and still others will ask for your username and password and then use the passkey more as a 2FA method rather than a primary method.