Based on FIDO standards, passkeys are a replacement for passwords that provide faster, easier, and more secure sign-ins to websites and apps across a user’s devices. Unlike passwords, passkeys are always strong and phishing-resistant.
Passkeys simplify account registration for apps and websites, are easy to use, work across most of a user’s devices, and even work on other devices within physical proximity.
Why passkeys? Passwords are a problem.
- Hassle to use and remember
- Easy to phish, harvest, replay
Legacy authentication solutions don’t address the security problem and/or are not usable enough for large-scale consumer utilization.
FIDO Authentication is the world’s answer to the password problem.
FIDO Authentication provides a simpler user experience with phishing-resistant security.
Passkeys optimize access and usability for FIDO Authentication
Organizations can deploy FIDO sign-ins with passkeys across a variety of use cases. Passkeys enable users to access their FIDO sign-in credentials on many of their devices, even new ones, without having to re-enroll every device on every account. Alternatively, device-bound passkeys that are bound to a FIDO security key or platform are an option for organizations that do not require syncing.
How do users use passkeys?
When a user is asked to sign-in to an app or website, the user approves the sign-in with the same biometric or PIN that the user has to unlock the device (phone, computer or security key). The app or website can use this mechanism instead of the traditional (and insecure) username and password.
Here’s what this means for…
- User Experience The user experience will be familiar and consistent across many of the user’s devices – a simple verification of their fingerprint or face, or a device PIN, the same simple action that consumers take multiple times each day to unlock their devices.
- Security Passkeys are based on FIDO Authentication, which is proven to be resistant to threats of phishing, credential stuffing and other remote attacks. Also, service providers can offer passkeys without needing passwords as an alternative sign-in or account recovery method.
- Scalability With passkeys, users do not need to enroll a new FIDO credential on each service or each new device (which would typically be with a password for that first sign-in). The users’ passkeys are available whenever they need them—even if they replace their device. Device-bound passkeys that do not support syncing are an option for organizations that require additional proof of provenance of a user’s passkeys.
Look for the passkey logo on sites that allow you to use passkeys instead of passwords.
Service providers interested in using this logo should visit our FIDO Trademark and Service Mark Usage Agreement for Websites to agree to terms and download the logo files.
Download our passkey logo style guide files here.