alt Hacker News> You're quoting the first post of a long discussion
"You absolutely should be preventing users from being able to copy a private key!" is the 8th post in the discussion.
Do you stand by these words, or are you now repudiating them?
> You're choosing to use an app that doesn't meet your needs
I am using an app that meets my needs. I don't need passkeys. It's just other people telling me that I need passkeys.
Copy and paste in clear text? Yes, I don't think that's a good idea. Download to disk in clear text? Yes, I don't think that's a good idea.
Years and years of security incidents with consumer data show that this is a really bad idea.
At minimum, a credential manager distributed for wide use should encrypt exported/copied keys with a user selected secret or user generated key.