I don't think your reasoning holds. You say "I know situations where one passkey client works with some websites and not others, but I don't know situations where a website works with some clients and not others".

If the website accepts a password, then it can't prevent you from using the password manager you want. But if the website accepts FIDO2 passkeys, it's the same thing, isn't it?

▲

valenterry 8 days ago | parent [-]

> but I don't know situations where a website works with some clients and not others

For example: https://www.w3.org/TR/webauthn-2/#dictdef-authenticatorselec...

> If the website accepts a password, then it can't prevent you from using the password manager you want. But if the website accepts FIDO2 passkeys, it's the same thing, isn't it?

Unfortunately not...

▲

palata 7 days ago | parent [-]

> For example: [...]

Those sound like requirements similar to those that can be enforced with passwords. My company enforces an SSO system with an MFA scheme that is controlled by the IT department. I can use my password manager for the password part, but I must use the mandatory MFA app.

In that sense, I am not sure it is so different from passkeys?

	▲	valenterry 6 days ago \| parent [-]
		Now you are not comparing passwords with passkeys anymore, but MFA with passkeys. Not sure what the point is in the context of the discussion. > In that sense, I am not sure it is so different from passkeys? Yes, if it means "company specific SSO* and a company chooses to force you to use the hardware they decided on, then that is in fact not very different from the passkey constraints.