A new login technique is becoming available in 2023: the passkey. The passkey promises to solve phishing and prevent password reuse. But lots of smart and security-oriented folks are confused about what exactly a passkey is. There’s a good reason for that. A passkey is in some sense one of two (or three) different things, depending on how it’s stored.
It would be backed up at the point of provisioning.
A TPM can be set to allow exports or block them, so if you program the TPM to export a key once and then flip the switch to block exports then you can have this kind of backups and synchronization