[kosherhurricane]

> it makes me have to maintain several sync fabrics

Yes, that's the con. That's why 3rd parties like 1password exist. Of course, they have to fight to get their plugins into the Big 3, as the Big 3 want you to use their systems.

But also the pro is that if you lose access to your sync fabric X (security breach, account closure), you can still use sync fabric Y. It's like backup fido2 tokens.

I think the security benefit of passkeys outweigh the small vendor lock-in they might create.

[sebk]

> But also the pro is that if you lose access to your sync fabric X (security breach, account closure), you can still use sync fabric Y. It's like backup fido2 tokens.

This is forced. I'd rather decide to do that myself depending on what my risk tolerance is. The charter of the WebAuthn working group is to provide a phishing resistant authentication mechanism, not an account-closure resistant mechanism.

> I think the security benefit of passkeys outweigh the small vendor lock-in they might create.

Absolutely, but we shouldn't have to choose! I'm not so sure the Big 3's desire for you to use their systems outweigh their desire for you not to get phished (since it also carries a cost for them), so I believe they at least have some incentive to play nice.