> 1) How can I share the fingerprint keys between chrome and safari?
If you're talking about TouchID then - keys aren't stored in a browser, they stored in whatever powers Touch ID (secure enclave?). So any browser that supports Webauthn will be able to reuse it.
> 2) How do I share keys between different types of devices? (mac, ios, android, windows)
Yes. I have multiple hardware keys that I use on: iPadOS, Android, Mac, Windows, Linux. Key exposes itself as HID, so it "just works"
> 3) What happens if my devices are gone?
Then you have to perform account recovery, just like when you forget your password
> 4) What happens if I want to change my login (email to a new email for example)?
Email isn't stored on the key. So changing email to a new email if entirely dependent on service you're logging in, just like in case of a password.
> 5) Is account recovery handled simply by a reset-email?
This is unrelated to passkeys and webauthn. This is a replacement for authentication, not account management, so yes, it's handled the same in a way that is entirely up to service how to handle it.
> 6) It seems a validation step of the email is missing?
I think at this point you can answer this question yourself?
If you're talking about TouchID then - keys aren't stored in a browser, they stored in whatever powers Touch ID (secure enclave?). So any browser that supports Webauthn will be able to reuse it.
> 2) How do I share keys between different types of devices? (mac, ios, android, windows)
Yes. I have multiple hardware keys that I use on: iPadOS, Android, Mac, Windows, Linux. Key exposes itself as HID, so it "just works"
> 3) What happens if my devices are gone?
Then you have to perform account recovery, just like when you forget your password
> 4) What happens if I want to change my login (email to a new email for example)?
Email isn't stored on the key. So changing email to a new email if entirely dependent on service you're logging in, just like in case of a password.
> 5) Is account recovery handled simply by a reset-email?
This is unrelated to passkeys and webauthn. This is a replacement for authentication, not account management, so yes, it's handled the same in a way that is entirely up to service how to handle it.
> 6) It seems a validation step of the email is missing?
I think at this point you can answer this question yourself?