What are passkeys? How going passwordless can simplify your life in 2025

Passkeys are an authentication method for websites and apps that were first popularized by Apple in June 2022 when the company added support in iOS and macOS. However, it’s not an Apple technology. Passkeys are a standard that’s promoted by Google, Apple, Microsoft, the World Wide Web Consortium, and the FIDO Alliance.

Also: The best VPN services: Expert tested and reviewed

Passkeys are sets of two cryptographic keys: a public key that’s registered with the online service or app, and a private key that’s stored on a device, such as a smartphone or computer.

That might sound complicated, but passkeys have been designed to be easy to use. In fact, to log in with a passkey, you use your face, a fingerprint, or a PIN in much the same way you unlock your smartphone.

The advantage of passkeys is that even if a hacker gets their hands on a website’s public key, your account is still locked because they don’t have access to the private key on your device.

No, because none of your biometric information is sent to the website or app that you are accessing. Instead, your biometric information is only used to unlock the passkey that resides on your device.

Your face or fingerprint information never leaves your device.

Here are the system requirements for passkeys:

• A system running at least Windows 10, macOS Ventura, or ChromeOS 109
• A smartphone or tablet running at least iOS 16, iPadOS 16, or Android 9
• Optional: a hardware security key with FIDO2 protocol support

The computer or mobile device you are using will also need a supported browser, such as:

• Chrome 109 or greater
• Safari 16 or greater
• Edge 109 or greater

The major tech players all have more information about how to use passkeys on their platforms: Apple, Google, and Microsoft.

As for overall support for passkeys, data gathered by State of Passkeys shows that support for passkeys on desktop computer browsers is very close to 100%, while on mobile it averages about 85%.

You can find a list of websites that support passkeys at passkeys.io.

Some well-known websites and apps that support the technology include Adobe, Amazon, Google (where passkeys now secure over 400 million accounts), GitHub, PayPal, TikTok, Nintendo, WhatsApp, Shop by Shopify, and X. Recently, eBay and Uber have also added support for passkeys.

On World Password Day 2024, Microsoft rolled out passkey support for all its consumer accounts and will roll out passkey support for signing into mobile versions of Microsoft applications over the coming months.

Also: The best VPN services for iPhone and iPad (yes, you need to use one)

Passkeys are growing in popularity — and fast.

It seems that after getting the passkeys tech in place and rolling it out to the masses to protect online accounts and identities, the next big push will be to get banks and financial institutions on board.

FIDO Executive Director Andrew Shikiar points out that while banks have been slow to offer passkeys to consumers, he is “quite confident that in 2025 we’ll start to see some big brand banks across the world start to deploy passkeys to allow their users to sign in and access accounts without having to use a password.”

And that’s just part of the spread, with other areas such as travel and hospitality also likely to adopt passkeys.

By the end of 2025, Shikiar expects that one in four of the world’s top 1,000 websites will support passkeys.

Yes, Google is now asking users to create a passkey and use that passkey as the default login.

Using a passkey to log in to your account is about 40% faster and a lot more secure than using passwords. Google’s reach means its decision will not only help spread the word about passkeys, but it will also encourage other online services to do the same.

Also: The best VPNs for streaming your favorite shows and sports

In fact, Google is clear that its plan is to make “passwords a rarity, and eventually obsolete.”

Not ready to use a passkey for Google yet? You can skip this option and continue to log in to your account the old way.

If you’re not yet ready to take the plunge and start using passkeys, the best way to experiment with how they work is to use the demo at passkeys.io. It will guide you through the process of setting up a passkey and how to use it to log in to a site.

Unfortunately, we’re a long, long way from the death of passwords. Passkeys, much like hardware security keys, offer a way for you to harden accounts and online services that support the feature.

You’re going to need passwords and password managers for a long time yet.

While passkeys are certainly far better than the best-case scenario with passwords, there are downsides.

Many of the downsides of passkeys revolve around the fact that the technology is relatively new and the rollout has been ongoing. On top of that, we’re seeing companies like Apple, Microsoft, and Google push their method of storing and sharing passcodes, and this can silo your passkeys and make them hard to access on different platforms. This is getting better with passkey management being included in password managers.

Also: Passkeys are more popular than ever. This research explains why

Another common issue is that sites that use passkeys still demand users set a password to protect the account, thereby diluting the efficacy of passkeys.

Tech site Ars Technica has done a good job of highlighting some of the biggest issues related to passkeys.