diff --git a/apps/server/Utilities/AliasVault.ImportExport/Importers/BaseImporter.cs b/apps/server/Utilities/AliasVault.ImportExport/Importers/BaseImporter.cs
index 29f5e45a1..d09ab9aca 100644
--- a/apps/server/Utilities/AliasVault.ImportExport/Importers/BaseImporter.cs
+++ b/apps/server/Utilities/AliasVault.ImportExport/Importers/BaseImporter.cs
@@ -7,14 +7,14 @@
 
 namespace AliasVault.ImportExport.Importers;
 
+using System.Globalization;
+using System.Text.RegularExpressions;
 using AliasClientDb;
 using AliasClientDb.Models;
 using AliasVault.ImportExport.Models;
 using AliasVault.TotpGenerator;
 using CsvHelper;
 using CsvHelper.Configuration;
-using System.Globalization;
-using System.Text.RegularExpressions;
 
 /// <summary>
 /// Generic import logic.
@@ -259,9 +259,12 @@ public static class BaseImporter
             {
                 foreach (var passkey in importedCredential.Passkeys)
                 {
+                    // Use the GUID from the import if available, otherwise generate a new one
+                    var passkeyId = passkey.Id ?? Guid.NewGuid();
+
                     item.Passkeys.Add(new Passkey
                     {
-                        Id = Guid.NewGuid(),
+                        Id = passkeyId,
                         RpId = passkey.RpId,
                         UserHandle = passkey.UserHandle ?? Array.Empty<byte>(),
                         PublicKey = passkey.PublicKey,
diff --git a/apps/server/Utilities/AliasVault.ImportExport/Models/Exports/AvuxPasskey.cs b/apps/server/Utilities/AliasVault.ImportExport/Models/Exports/AvuxPasskey.cs
index 194238af5..304e488be 100644
--- a/apps/server/Utilities/AliasVault.ImportExport/Models/Exports/AvuxPasskey.cs
+++ b/apps/server/Utilities/AliasVault.ImportExport/Models/Exports/AvuxPasskey.cs
@@ -13,7 +13,8 @@ namespace AliasVault.ImportExport.Models.Exports;
 public class AvuxPasskey
 {
     /// <summary>
-    /// Gets or sets the passkey ID.
+    /// Gets or sets the passkey ID (GUID).
+    /// The WebAuthn credential ID is derived from this GUID at runtime using base64url encoding.
     /// </summary>
     public Guid Id { get; set; }
 
diff --git a/apps/server/Utilities/AliasVault.ImportExport/Models/ImportedPasskey.cs b/apps/server/Utilities/AliasVault.ImportExport/Models/ImportedPasskey.cs
index 1ce193819..1f0a2a735 100644
--- a/apps/server/Utilities/AliasVault.ImportExport/Models/ImportedPasskey.cs
+++ b/apps/server/Utilities/AliasVault.ImportExport/Models/ImportedPasskey.cs
@@ -12,6 +12,12 @@ namespace AliasVault.ImportExport.Models;
 /// </summary>
 public class ImportedPasskey
 {
+    /// <summary>
+    /// Gets or sets the passkey ID (GUID from the original database record).
+    /// This is used to preserve the credential ID during import/export.
+    /// </summary>
+    public Guid? Id { get; set; }
+
     /// <summary>
     /// Gets or sets the relying party ID.
     /// </summary>
diff --git a/apps/server/Utilities/AliasVault.ImportExport/VaultImportService.cs b/apps/server/Utilities/AliasVault.ImportExport/VaultImportService.cs
index eef9f1b76..ef33029dd 100644
--- a/apps/server/Utilities/AliasVault.ImportExport/VaultImportService.cs
+++ b/apps/server/Utilities/AliasVault.ImportExport/VaultImportService.cs
@@ -247,6 +247,7 @@ public static class VaultImportService
     {
         return new ImportedPasskey
         {
+            Id = avuxPasskey.Id,
             RpId = avuxPasskey.RpId,
             UserHandle = !string.IsNullOrEmpty(avuxPasskey.UserHandle)
                 ? Convert.FromBase64String(avuxPasskey.UserHandle)