tl;dr Yes you can definitely give a different ID to every web site and it's not even possible to correlate those IDs based on you using WebAuthn for them
The elliptic curve private keys used to sign the authentication message are actually different for every site you use the authenticator with, they're chosen at random and cheap authenticators aren't even storing them anywhere, which is part of how fiendishly clever WebAuthn / FIDO is.
Because the authenticators aren't storing the identifier, if you sign into GitHub as asiachick, after having previously enrolled your authenticator as southamericandude even that authenticator has no idea you're asiachick, and so it won't give the game away, and you can even enroll the same authenticator for both these users and it will work, correctly, and GitHub can only even prove anything is going on by deliberating asking asiachick to authenticate as southamericandude or vice versa, which they've got no reason to try.
Now, if you are using WebAuthn to do usernameless authentication (no password, not even a username, just WebAuthn and one touch to log in) this can't work without the authenticator knowing the credentials. But in that case your local device gives you a menu saying like, asiachick or southamericandude ?
The elliptic curve private keys used to sign the authentication message are actually different for every site you use the authenticator with, they're chosen at random and cheap authenticators aren't even storing them anywhere, which is part of how fiendishly clever WebAuthn / FIDO is.
Because the authenticators aren't storing the identifier, if you sign into GitHub as asiachick, after having previously enrolled your authenticator as southamericandude even that authenticator has no idea you're asiachick, and so it won't give the game away, and you can even enroll the same authenticator for both these users and it will work, correctly, and GitHub can only even prove anything is going on by deliberating asking asiachick to authenticate as southamericandude or vice versa, which they've got no reason to try.
Now, if you are using WebAuthn to do usernameless authentication (no password, not even a username, just WebAuthn and one touch to log in) this can't work without the authenticator knowing the credentials. But in that case your local device gives you a menu saying like, asiachick or southamericandude ?