The FIDO Alliance, the organization that’s helping shepherd passkey adoption, announced a draft of new specifications that would let users securely move their passkeys across different password managers.
Passkeys are great — it’s nice to be able to log in to apps and websites without entering a password. But there hasn't been a standard protocol for transferring your passkeys across password managers. The new specifications, the Credential Exchange Protocol (CXP) and Credential Exchange Format (CXF), are designed to fill that gap.
The FIDO Alliance’s “Credential Provider Special Interest Group,” which includes representatives from 1Password, Apple, Bitwarden, Google, Microsoft, Okta, and more, collaborated on the specifications. The new specifications are still in draft so that people can review and provide comments — they’re not adopted by password managers just yet.
But companies like 1Password and Dashlane have already announced that they will support them.
“It is critical that users can choose the credential management platform they prefer, and switch credential providers securely and without burden,” the FIDO Alliance wrote in its press release. “Until now, there has been no standard for the secure movement of credentials, and often the movement of passwords or other credentials has been done in the clear.”
Amazon also had some passkey news today, announcing that “more than 175 million customers” have turned on passkeys for their accounts.