WWDC 2022 Forum Reactions

I am so happy that Apple is embracing FIDO2 so soon. It is the future (Google, Apple and Microsoft: A password-free future is in the making).

Yes, it has to work across platforms and it will. It may sound frightening and ambitious, but it is the way to go. Passwords are broken. They do not work. There are means to make them work (password managers), but it is a flawed system. A password is a secret anybody can enter to “identify” a person. As soon as somebody has the password, the credentials are compromised (yes, there are additional components like 2FA, but…).

With FIDO, a device (YubiKey, soon: iPhone) identifies you and you are logged in. What happens if the device is stolen? Well, you are required to identify yourself via the device; the device itself is not the ultimate key, you are the ultimate key. What happens if you lose this device? There are solutions. One of them is to have more than one device to identify you (iPads, Macs, PCs, USB tokens, smartphones and whatnot). Difficulties? Danger? Maybe. Right now. Because FIDO is happening in “geek land” these days (not a trivial thing). But that will change when all big players implement FIDO2 on the system level. I am confident that the FIDO Alliance and other players know what they are doing. This is no password manager, this is a password-less identification method that identifies a person reliably and securely. Like in the real world. Usernames and passwords are hacks to make the identification of the person happen in the world of computers and networks. FIDO2 will skip this “hack” going back to the root cause: the identification of the person itself. Again: I know that all this sounds scary. But we are at the starting point of this implementation of FIDO. Time will tell how everything will work and interact with each other from system to system.