If you are signed up on a lot of websites, chances are there are a lot of passwords that you need to remember. While password managers definitely make the task easier, wouldn’t it be better if you simply didn’t have to remember passwords at all? That’s what the newly announced ‘Passkeys’ aim to do. So, what are Passkeys, and how can you use them? Well, that’s exactly what we’re going to discuss here.
What are Passkeys?
Passkey is a new standard based on the Web Authentication API (WebAuthn), designed to use public-key cryptography for authenticating apps and websites. Passkey enables your device to store private key information and use it to generate signatures to let you authenticate against a web server resulting in a seamless and secure password-less sign-in experience.
- What are Passkeys?How do Passkeys Work?Why are Passkeys More Secure?How to Create a Passkey on iPhoneHow to Create a Passkey on MacHow to Use Passkeys on iPhoneHow to Use Passkeys on MacHow Do Passkeys Work on Android and Windows Devices?A Look at Key Benefits and Limitations of PasskeysFrequently Asked Questions about Passkeys
Before getting to know how Passkeys work, let’s briefly understand how passwords function as it would help in differentiating the two authentication methods.
Passkeys generate a unique pair of related keys: Public and Private keys. While the public key is stored on a web server, the private key is stored on your device.
Passkeys rely on Bluetooth to work securely, unlike the two-factor authentication that uses Wi-Fi. With the access to Bluetooth, Passkeys are able to get both close physical proximity and also verify that it’s actually the user who is trying to sign in to the account.
Knowing that Passkeys are always locked and never leave your device, hackers will need to have physical access to your device and must authenticate your identity using Face ID/Touch ID to unlock it in order to break into your account. That’s one heck of a challenge, isn’t it? Let alone others, even you will never know your Passkey. If that’s not enough, Passkeys are also shielded by robust end-to-end encryption to further cut down any possible foul play.
Creating a Passkey on iPhone is extremely easy. Basically, websites that support Passkeys will automatically show a prompt asking you if you want to save a Passkey for signing in to them. Here’s the process that you’ll follow in order to create a Passkey on your iPhone.
- Tap on ‘Continue’ and authenticate using Face ID/ Touch ID to save your Passkey to your keychain.
Knowing that Passkeys work in sync with iCloud Keychain, ensure that you have enabled the built-in password manager.
- Now, tap Passwords and Keychain, and then make sure the toggle for Sync with this iPhone/iPad is turned on.
How to Create a Passkey on Mac
Setting up a Passkey on Mac is just as easy.
Navigate to the site/app where you want to use Passkey and then register your account as usual.
Now, you will get a popup asking you whether you want to save a Passkey. Click Continue with Touch ID and authenticate. Note that if your Mac does not support Touch ID or if you don’t use it, you will need to authenticate using your administrator password. Do it and your Passkey will be ready for this site.
How to Use Passkeys on iPhone
Once you have created your Passkeys, you can use them with ease.
How to Use Passkeys on Mac
Navigate to the app/site where you want to use a Passkey and click on ‘Sign In’.
Now, you will get a prompt to sign in using your Passkey. If you have set up Touch ID on your Mac, use it to authenticate your account.
If your Mac does not support Touch ID or you do not use it, click Other Sign-In Options.
Now, select the “Use passkey from a device with a camera” option.
Next, you will get a prompt to scan the QR code using your iPhone/iPad.
When you scan the code, you will get options for all the Passkeys saved in your iCloud keychain for that website. Simply pick the one you want, and tap ‘Continue’.
Authenticate using Face ID/ Touch ID and that’s it. You will be signed in with your account on the website.
How Do Passkeys Work on Android and Windows Devices?
Recently, the FIDO Alliance announced that Apple, Google, and Microsoft have committed to support its new password-less authentication method named “FIDO Standard”. With Passkeys, Apple has already given a go-ahead to the passwordless sign-in. As FIDO Standard is also being implemented on Android (as recently announced on Google I/O 2022) and Windows devices, you will be able to use Passkeys on non-Apple devices as well.
Coming back to the question as to how Passkeys work on Android and Windows devices and more importantly whether or not it provides the same level of security on other platforms. Well, when you try to sign in to your account on other devices, you are prompted to scan a QR code using your iPhone or iPad. After that, Passkeys asks you to authenticate your identity using Face ID/Touch ID to ensure it’s you who is attempting to log in to the account. In a nutshell, the process of using Passkey on Windows or Android is almost the same as it is on Mac without Touch ID.
Frequently Asked Questions about Passkeys
Can You Use Passkeys in iOS 15 and macOS 12?
How Do Passkeys Sync with Other Devices?
Whether you do not have physical access to your device or you can’t authenticate your passkey using Face ID/Touch ID, you can verify your identity using other sign-in options such as password.