214b9821
Using your steps and all the apps you mentioned, I was unable to register a passkey with my Google account on GrapheneOS. I get to the point when it's about to prompt me for fingerprint authentication, and then the Google account passkey registration page on my computer simply says "something went wrong".
This is on Windows 11, stock Chrome.

Oh, and by the way, you need to be logged in to your Google account on GrapheneOS (I logged in through Play Store) to even begin the authentication process. I don't understand what you mean by the "Google app". I am not seeing any app called simply "Google" on my device.

The Yubico demo page worked fine. There was no need to be signed in to a Google account (thankfully). Chrome still needs to be installed and enabled, as it seems to provide the registration and authentication pages. There's no need for any third-party QR scanning app.

    Google's implementation of passkeys only works on Android devices which are Google certified, which GrapheneOS is not. Other password managers such as Bitwarden and 1Password are planning to implement passkeys too, and those should work fine on GrapheneOS.

    6 days later

    digital Same here for Github. Logging in to Google with a passkey still works.

    Relaks I actually have an app called Google on my phone, loaded from Play Store. If I deactivate it, logging in to Google with the Passkey on the phone doesn't work.

      Android will have 3rd-party passkey providers in Android 14. From there it's on apps like KeePassDX to implement passkey support. But DX probably won't implement them until KeePassXC does (looks like it will soon!). Proprietary apps like 1Password will most likely implement them sooner, but I wouldn't really trust them (and I say this as a previous 1Password customer for 4 years).

      Google's passkey implementation probably won't work on GrapheneOS. Don't expect it to and don't rely on it to. Think of passkeys as an API/interface rather than a product - like USB. Any provider can implement it (Apple, Google, but also 1Password, KeePass, etc.), and any website can consume it - websites don't care who the provider is.

      214b9821
      Interesting, thanks for your reply. I tried to reproduce this with the Google app installed, signed in to a Google account. I still get the same error. Likely treequel is right here, and I look forward to 1Password implementing passkey support in Android 14 (which they have announced they will support as soon as the APIs are available, so I choose to be optimistic :-) ).

      10 days later

      I just noticed that the latest update of the android 1password app (as of September 12th) should support this. Unfortunately it is still not working.. at least for me. I can neither create passkeys nor log in with them.

      • latest GOS Android 14 for Pixel 5
      • latest 1password version (8.10.16 of September 12th)
      • tried browsers: Fennec, Vanadium, Bromite, Brave (w/ and w/o enabled flags for passkey support on chrome-based browsers)

        roxtii Response I received from 1Password support two days ago:

        Support for saving and signing in with passkeys on Android using 1Password isn't yet available. Although Android 14 will be required for this to work, it's not yet available in 1Password for Android just yet. If you'd like to keep up to date with our passwordless developments, you may want to sign up for our newsletter:

        We hope to be able to bring passkey support to Android in the very near future, so keep an eye on our newsletter, and our release notes on the Play Store or on releases.1password.com.

        This is regarding the third-party API implementation of passkeys. I've yet to notice a single service offering the creation of passkeys using this new feature in Android 14. Notably, Chrome has added support but not yet enabled the feature by default.

          Relaks I get got the PassKeys prompt from 1Password after I updated to A14. However it doesn't seem to work yet even if the app acts like it should be working

            hertz-vector Do you mind explaining how you got this working, and with which website or app you attempted to sign in with?