Passwords have long been the standard for logging into online accounts. But they come with many downsides that make them inconvenient and insecure. A new login method called Passkeys aims to replace passwords with a more secure and seamless authentication experience. This article will explain what Passkeys are, how they work, and why you should start using them. We'll also see the process of enabling Passkeys & then the process of using Passkeys to Log In.
What Are Passkeys?
Passkeys are a passwordless authentication method developed by an alliance of Apple, Google, and Microsoft as part of the FIDO standard. Instead of passwords, Passkeys use public-key cryptography to verify your identity.
Passwords have always been vulnerable to hacking, data breaches, phishing, and other cyberattacks. They're also a hassle to remember and reset when forgotten. Passkeys provide a more secure and user-friendly way to log in without compromising convenience.
How Do Passkeys Work?
Passkeys utilize public-key cryptography. When you first sign up for a website using a Passkey, your device generates a public-private key pair. The public key gets stored on the website's server.
To log in later, the website sends your device a challenge that can be signed using your private key. This signature can then be verified with the public key the site already has, proving you're the legitimate owner.
An important aspect is that Passkeys are specific to individual devices. Your laptop and phone will each generate their own unique key pairs. This provides greater security than passwords.
Enabling Passkeys for Apple devices
To use Passkeys, your devices need to have biometric sensors like fingerprint or face recognition. This allows generating and approving the cryptographic keys.
Platforms like iOS, Android, Windows, and MacOS are adding native support for Passkeys. Chrome, Safari, and Edge browsers also let you use them for signing into websites.
1. Apple devices store the Passkeys in iCloud Keychain, to enable this open the settings app in your Apple device. Here scroll down to Passwords & open it. Now here select "Password options".
2. Now turn on the toggle next to "iCloud Keychain".
3. In your settings, click on your Apple ID at the top & select "iCloud".
4. Here under the "Apps using iCloud" section, you'll see the " Passwords & Keychain" option, turn this on. Also, make sure it's turned on other Apple devices. Now you can start using the Passkeys instead of passwords.
Using Passkeys to Log In Step-by-Step Process
This is new tech so currently few websites have this option. If you want to check the supported websites then you can check from here: Who already supports passkeys?
The website gives you the option to convert using passwords to using Passkeys if you are already a user. Now if you create a new account then they will give an option to set up a passkey during the signup process.
Here is an exact step-by-step guide to using Passkeys when logging into a website:
1. In the guide we'll create a new account to understand the process. You can also test this using the website named passkeys.io. So open the website & enter your email & click on continue.
2. It'll detect that you're not registered, & give you the option to create a passkey, so click on the "create a passkey" button.
3. Then it'll ask you to sign in using Touch ID/Face ID. So use the Touch ID/Face ID to authenticate.
4. And that's it, it'll automatically create a passkey & store it in your iCloud Keychain.
5. You can view your passkey by going to Settings>Password. Here you'll see the list of all your passkeys.
6. Now test this sign-out from the website & click on "sign in with passkey".
7. Now it'll again ask you to sign in using Touch ID/Face ID. So use the Touch ID/Face ID to authenticate & you can log in to the website.
Enabling Passkeys on Existing Websites
If you already have an account with the website then you can also enable the passkey for that if the website supports it. For this example let's see how to enable Passkey for a Google account so that you can use Passkeys instead of passwords to sign in to your Google account in the future.
1. For this go to the Google Passkeys page, and click on the "Get passkeys" button & sign in with your account. For the first time, it'll ask for the password.
2. Now it'll ask you to sign in using Touch ID/Face ID. & when you use your ID then it'll create a Passkey & store it in iCloud Keychain, which you can view from the settings. Now even if you're in incognito mode, you can still log in to your Google account with this passkey just using your Touch ID or Face ID.
The login process with Passkeys is hassle-free. When signing into a site, you'll be prompted to authorize with your fingerprint or face scan rather than entering a password. Once verified, you'll instantly get access.
No more forgetting passwords or going through multi-step recovery workflows. Approving a biometric prompt is all it takes to log in seamlessly.
Your Passkeys also sync across devices like your phone, laptop, and tablet via your iCloud account. This allows seamless secure access from all your devices.
Why Passkeys are Better than Passwords
Passkeys have significant security and convenience advantages that make them the future of account authentication.
-
More secure - Passkeys are not vulnerable to phishing, social engineering, or data breaches. Only your biometric data can generate and approve the login cryptographic keys.
-
Faster and easier - Logging in simply requires a fingerprint scan. No typing or remembering complex passwords. This greatly improves the sign-in experience.
-
Portable and synced - Passkeys sync seamlessly via the cloud while remaining secure. Your experience stays consistent across devices.
Conclusion
Passkeys are poised to replace the outdated password model. All major platforms are adopting this new standard to help users log in more securely and conveniently. As more websites begin rolling out support, switching to Passkeys will save you hassle while making your accounts more resilient against compromise. The passwordless future is coming - it's time to prepare by going password-free.
FAQs - Passkeys
Are Passkeys completely secure? What are the risks?
Passkeys are very secure, but not completely risk-free. The main risks are losing access to your devices where the Passkeys are stored, or having your biometrics compromised. However, they eliminate many of the biggest password risks like phishing and data breaches.
How do I know which websites support Passkeys?
You can check the passkeys.io website for a list of sites and services that have implemented Passkey support so far: https://www.passkeys.io/who-supports-passkeys
What happens if I lose my phone or device where my Passkeys are stored?
If you lose a device, you can simply use another device where you have Passkeys set up to log in. Your Passkeys sync across devices via services like iCloud Keychain. If you don't have other devices then you either create a new passkey or password. The same process for current password resets.
Can I use Passkeys on non-Apple devices?
Yes, Passkeys are a cross-platform standard that also works on Android, Windows devices, and Chrome/Edge browsers. However certain features may differ compared to Apple's implementation.
What if I can't use biometrics (fingerprint or face scan) on my device?
On devices without biometric sensors, you can authenticate using your PIN code or device lock screen pattern to authorize your Passkeys.
How can I disable Passkeys if I decide I don't want to use them?
You can go into your account settings for each site to disconnect your Passkey association. On Apple devices with iCloud Keychain, you can disable Passkeys in your iCloud settings.
Do Passkeys work in incognito or private browsing mode?
It depends on the browser and device. Some may restrict Passkey use in private browsing modes due to the way data is partitioned. But most times it works fine.
Can I share my Passkeys with others?
Yes, you can share passkeys with others if they're stored in a password manager that supports them. In Apple devices you can share directly from Keychain.
Can I use Passkeys for logging into apps on my phone or computer?
Increasingly yes, but app-level integration is still in early stages. As more platforms adopt Passkeys, they will work for authenticating both websites and apps.
How can I back up my Passkeys in case I switch devices?
On iPhone you can back up your iCloud Keychain via iCloud or iTunes where your Passkeys are stored. For other devices, wait for backup options specific to Passkeys to become available.
Will Passkeys work on older devices that don't have fingerprint scanners or facial recognition?
Passkeys can still work on older devices by using your PIN code, pattern, or password to authorize login instead of biometrics. But some very old operating systems may not support Passkeys at all.
Explore more topics: