Do hardware security keys pose any threat to anonymity?

FIDO2 was designed with a privacy-first mindset; the entire specification is designed around preventing these threats.


Your computer can identify them based on serial number or other identifiers typically, but those identifiers are never[1] shared with the websites when you use your key.

They can’t be used to link identities together.

Discoverable credentials (Passkeys, which store your username) can be wiped with management software. Typically the tools to do so are baked into your browser. Non-discoverable credentials (typically used for 2FA) aren’t really “stored” on the key in the first place so there’s nothing to wipe, but they also can’t be associated with each other.


  1. Some poorly designed no-brand security keys have been known to share hardware identifiers in the past erroneously. You should use a security key developed by a competent company like YubiKey.

9 Likes
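
An added example, not part of the original post and not any vendor's code: a simplified model of how a key can serve non-discoverable credentials without storing anything per site, by re-deriving each site's key from one device secret plus the credential ID the website hands back. The class and method names are hypothetical, and the HMAC/SHA-256 values stand in for a real ECDSA key pair and signature.

```python
import hashlib
import hmac
import os


class StatelessAuthenticator:
    """Toy model of a security key: no per-site state, everything is re-derived."""

    def __init__(self, device_secret=None):
        # The only long-term state on the key (random per device, never exported).
        self._secret = device_secret or os.urandom(32)

    def _derive(self, rp_id, nonce, label):
        # Domain-separated HMAC over the site identity and a per-credential nonce.
        msg = label + b"\x00" + rp_id.encode() + b"\x00" + nonce
        return hmac.new(self._secret, msg, hashlib.sha256).digest()

    def _private_key(self, rp_id, nonce):
        return self._derive(rp_id, nonce, b"key")

    def register(self, rp_id):
        """Create a credential; the website stores both returned values."""
        nonce = os.urandom(16)
        tag = self._derive(rp_id, nonce, b"tag")[:16]
        credential_id = nonce + tag  # random-looking, kept by the site, not the key
        # Stand-in for the public key: a one-way function of the private key.
        public_handle = hashlib.sha256(self._private_key(rp_id, nonce)).digest()
        return credential_id, public_handle

    def authenticate(self, rp_id, credential_id, challenge):
        """Re-derive the key from the credential ID; refuse IDs from other sites or keys."""
        nonce, tag = credential_id[:16], credential_id[16:]
        expected = self._derive(rp_id, nonce, b"tag")[:16]
        if not hmac.compare_digest(tag, expected):
            return None
        # Stand-in for the signature over the site's challenge.
        return hmac.new(self._private_key(rp_id, nonce), challenge, hashlib.sha256).digest()


if __name__ == "__main__":
    key = StatelessAuthenticator()
    cid_a, pub_a = key.register("site-a.example")  # constructed site names
    cid_b, pub_b = key.register("site-b.example")
    print("values seen by site A:", cid_a.hex(), pub_a.hex())
    print("values seen by site B:", cid_b.hex(), pub_b.hex())
    print("site B replaying site A's ID:", key.authenticate("site-b.example", cid_a, b"x"))
```

Two sites comparing what they hold see unrelated random-looking values, and the key itself has nothing per-site to wipe.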