Passkeys: all the news and updates around passwordless sign-ins

Mobile

Products You May Like

The need to remember lengthy, complicated passwords to sign in to your accounts could soon be a thing of the past thanks to passkeys: a new login technology that replaces passwords with the authentication mechanisms built into your own devices. Unlike passwords or PINs, which can be stolen, they link access to the websites, apps, and services that support passkey sign-on with Face ID on your iPhone, Windows Hello on your PC, or the fingerprint / facial recognition on your Android phone.

Passkeys are built on WebAuthn (or Web Authentication) tech and stored directly on your device and can also be used with hardware security keys.

Since Apple, Google, and Microsoft jointly announced support passkeys in 2022, all three have built the technology into their platforms, while third parties, including password managers like 1Password and Dashlane, have also joined in to help backup and sync passkeys across all your devices. According to the FIDO Alliance, as of 2024, passkeys are already supported by 20 percent of the world’s top 100 websites and services, covering more than 13 billion accounts that can use them to sign in.

It’s expected that passkeys will eventually replace passwords entirely, though it’s going to take some time. Here, you can follow all the updates and developments — including which companies have rolled out support in preparation for a passwordless future.

Highlights

  • Microsoft logo

    Microsoft logo

    Illustration: The Verge

    Microsoft is fully rolling out passkey support for all consumer accounts today. After enabling them in Windows 11 last year, Microsoft account owners can also now generate passkeys across Windows, Android, and iOS. This makes it effortless to sign in to a Microsoft account without having to type a password in every time.

    You can create passkeys for your Microsoft account by following this link, and you can choose your face, fingerprint, PIN, or a security key to use a device to sign in with a passkey.

    Read Article >

  • Google logo with colorful shapes

    Google logo with colorful shapes

    Google may start asking users that still utilize passwords instead of their passkeys to wait 24 hours before they can access their account.
    Illustration: The Verge

    Google is kicking off World Password Day by updating us on its efforts to replace the often hacked, guessed, and stolen form of authentication with passkeys. Their passwordless approach relies on device-based authentication instead, making logging in faster and more secure.

    In a blog post on Thursday, the company announced that over 400 million Google accounts (of the at least 1.5 billion reported since 2018) have used passkeys since rolling them out, logging over a billion authentications between them. The majority of users find them easier to use than passwords, according to Google, adding that “since launching, passkeys have proven to be faster than passwords, since they only require users to simply unlock their device using a fingerprint, face scan or pin to log in.”

    Read Article >

  • An image showing the WhatsApp logo in black

    An image showing the WhatsApp logo in black

    Illustration: The Verge

    One more app joins the passwordless future we’ve been promised. WhatsApp says it’s now rolling out support for passkeys in the iOS version of the app. With the feature enabled, users of Meta’s encrypted messaging app can use iPhone biometrics for login — that is, Face ID or Touch ID — or their phone’s passcode.

    WhatsApp already supports unlocking its iOS app with one of these options, but this takes that a step further. Passkey support comes to the iPhone version several months after Meta started distributing it to Android WhatsApp users in October. WhatsApp spokesperson Zade Alsawah iOS users will see the app “in the coming weeks,” so if you don’t see it now, keep checking.

    Read Article >

  • X enables passkeys for iOS users worldwide.

    While the platform’s influence has waned, your dormant Twitter account could still have embarrassing or dire consequences if hijacked. So it’s probably worthwhile to setup a more secure passwordless passkey on your iPhone just in case.

  • Proton’s password manager now supports passkeys.

    After rolling out its end-to-end encrypted password manager last year, Proton has announced that it will now let you manage passkeys across mobile and desktop devices, allowing you to log into sites without a password.

    Image: Proton
  • 1Password can store passkeys for Android apps.

    To use the feature, your device needs Android 14 or higher, the latest version of 1Password, and an app that supports passkeys.

    But even though 1Password added passkey support for Windows and macOS desktop browsers and iOS devices last year, Google does not yet have an API that supports 1Password passkeys on Chrome for Android. No word on when that will be available to Android users.

  • Passkeys on X are now available to all US users on iOS.

    The platform started rolling out passkey support on its iOS app last month, but now it’s available to all iPhone users in the US. That means you can use Face ID, Touch ID, or your device’s passcode to log in to your account instead of entering a password. You can learn how to enable passkeys on X from this support page.

    An image showing the X logo

    An image showing the X logo

  • Now you can sign into your PlayStation account without a password.

    Passkey support is now available for Sony PlayStation accounts. Users can activate the feature in the security section of their Account Management settings on a PS5, PS4, computer, or mobile device.

    PlayStation isn’t the first console to embrace the post-password future. Nintendo added support for passkeys last fall, enabling users to access their accounts with authentication methods such as iOS Face ID or the Android fingerprint sensor.

    Update, Wednesday, February 21st, 2024, 5:02PM ET: Updated to include new tweet from the Ask PlayStation Twitter account.

  • An illustration showing passkeys, smart rings, and a watch.

    An illustration showing passkeys, smart rings, and a watch.

    Image: Alex Parkin / The Verge

    Passkeys: how do they work? No, like, seriously. It’s clear that the industry is increasingly betting on passkeys as a replacement for passwords, a way to use the internet that is both more secure and more user-friendly. But for all that upside, it’s not always clear how we, the normal human users, are supposed to use passkeys. You’re telling me it’s just a thing… that lives on my phone? What if I lose my phone? What if you steal my phone?

    On this episode of The Vergecast, we bring in an expert: Anna Pobletts, the head of passwordless (best title ever?) at 1Password. She has been working on all things post-password for a long time and has seen every use case you can think of. She’s convinced that passkeys are the future but also has some ideas on the right (and not-so-right) way to get started.

    Read Article >

  • Google’s Pixel Password manager makes switching to passkeys easy for Best Buy, Nintendo, Uber, and others.

    Google Pixels recently updated the built-in password manager to identify accounts that support passkeys — a more secure login method than passwords — and prompt users for a simple security upgrade.

    It’s coming to other devices eventually, and Google announced today several companies that not only support passkeys, but they’ve also set up their accounts so users will be taken directly to the correct page to set up a passkey. Better yet, other services can freely add the feature too.

    Screenshot of Google Password Manager on a Pixel phone promting the user to simplify their sign-in by switching to passkeys.

    Screenshot of Google Password Manager on a Pixel phone promting the user to simplify their sign-in by switching to passkeys.

    Google Password Manager passkeys prompt for supported accounts.
    Image: Google
  • An image showing the X logo

    An image showing the X logo

    Illustration: The Verge

    X is now supporting passkey log-ins on iPhones and iPads, granting members access to the security feature regardless of their “Premium” status. Generating a passkey for X allows users to completely skip entering a password when they log in to their accounts and instead rely on the device’s security (with Face ID, Touch ID, or your device’s passcode). 

    For now, passkeys are only available in the US, and X hasn’t revealed when it’s rolling out the login technology on Android, for desktop operating systems, or in other countries. Also, X’s rollout of passkeys doesn’t seem to be complete yet (some users reported still not having access as of Tuesday night on the East Coast), so don’t fret if the feature hasn’t popped up yet.

    Read Article >

  • You can create a new zero-password 1Password account with a passkey.

    1Password has promised support for securing its password manager with only passwordless passkey authentication all year, and now the private beta is going public, with the option to create a recovery code for emergency access.

    Passkeys tie account access to your device’s security or a hardware key instead of a vulnerable password, with support from Microsoft, Apple, Google, Amazon, Nintendo, and even vaults like 1Password. The only thing you can’t do, however, is switch over existing 1Password accounts — that will come next year.

    Screenshot of 1Password sign-in screen prompting for a passkey login on the web and on mobile devices.

    Screenshot of 1Password sign-in screen prompting for a passkey login on the web and on mobile devices.

    1Password Passkey logins
    Image: 1Password
  • Two cryptographic security keys, one USB-C and one USB-A on a white background.

    Two cryptographic security keys, one USB-C and one USB-A on a white background.

    Google Titan security keys (2023)
    Image: Google

    The latest iteration of Google’s Titan Security Key is here, ready to work alongside the new passwordless passkey technology that’s rolled out with support from Apple, Microsoft, Google, and many others. Two new versions of the key are available in the Google Store starting today with either a USB-C connection ($35) or USB-A connection ($30), and — like the previous versions released in 2021 — both also have NFC to connect wirelessly to phones and other mobile devices.

    I’ve been using the USB-C version for a few days, and it works just as well as other keys I have, like the older Titan hardware and other FIDO2 keys from Yubico. Having NFC support on both versions is convenient so that you don’t have to choose, especially since when setting up keys, you’ll want to have at least two to maintain a backup.

    Read Article >

  • A person using Bitwarden on their laptop.

    A person using Bitwarden on their laptop.

    Bitwarden has added support for the more secure passkey login method.
    Image: Bitwarden

    Bitwarden, one of our top picks for free password managers, is adding support for passkeys in the latest version of its browser extensions. Passkeys can use your device’s pin, face, or fingerprint for authentication, and are a more secure and convenient alternative to traditional passwords that are also more resilient to phishing attacks.

    Although the company has announced that passkey support is coming in the new 2023.10 release, the update appears to be in the process of rolling out — I’m still seeing the previous 2023.9.2 version listed on the Chrome Web Store as of this writing. But I’ve verified that it’s working on Safari with the latest version of Bitwarden’s Mac app and extension. The rollout of the feature follows support from Apple and Google’s built-in password managers, as well as competing third-party password managers like 1Password.

    Read Article >

  • Android logo on a green and blue background

    Android logo on a green and blue background

    Illustration by Alex Castro / The Verge

    Android apps are about to get better built-in passkey support. Google announced in a developer blog post last week that Credential Manager, a new Android-specific API for storing credentials like username and password combinations and passkeys, is going public on November 1st. Credential Manager, which has been in developer preview for months, houses biometric authentication of passkeys, traditional passwords, and federated identity login under one roof in Android phones.

    Ultimately, the change should allow apps to offer better authentication support in Android 14. Using Credential Manager, apps can offer users easy biometric logins through passkeys. That should mean a more friction-free sign-in experience since people who use that method wouldn’t have to worry about keeping login information in their heads. Third-party password managers like 1Password can also integrate the API for a more streamlined experience when defaulting to such an alternative instead of Google Password Manager.

    Read Article >

  • Illustration of a hand holding an iPhone with the Face ID screen saying a passkey for amazon customer will be saved in iCloud keychain

    Illustration of a hand holding an iPhone with the Face ID screen saying a passkey for amazon customer will be saved in iCloud keychain

    Amazon.com on iPhone supports passkeys so people can log in with Face ID.
    Image: Amazon

    Amazon’s rolling out passkey support for its online site and mobile shopping apps. Customers can log in to Amazon using just their devices’ biometrics and start shopping without the need to enter a password or follow through with two-factor authentication (2FA) through email or text.

    Amazon dipped its toes into passkey support earlier this month for its web experience, but it wasn’t ready for primetime yet since the implementation still required a 2FA code and wasn’t enabled for the mobile apps. If you’re interested in enabling passkey support with Amazon, you can enroll by going to Amazon.com, visiting your account settings, clicking “Login & Security,” and using the “Set up” button next to “passkey.”

    Read Article >

  • Google Password Manager will start suggesting switching to passkeys on supported websites.

    Google already prompts users to create passkeys for their Google accounts, but a currently hidden beta feature indicates that the company’s password manager will soon prompt users to switch on other sites, too. Passkeys: they’re the future!

  • A hand holding a phone with the Google logo on it.

    A hand holding a phone with the Google logo on it.

    The additional visibility will at least remind Google account users that passkeys exist.
    Illustration by Samar Haddad / The Verge

    Google is making it easier for users to ditch passwords on their Google accounts in favor of passkeys — a fast, secure, and passwordless approach to logins that utilizes the pin, face, or fingerprint authentication built into your devices. Starting today, Google account users will be prompted to create a passkey for their account by default, sparing them from manually hunting through account settings for the setup process.

    While the industry-wide goal is to eventually make passkeys the new login standard, Google says that passwords will “still remain part of our lives as we make the pivot.” As such, users can still choose to sign in to their Google account with traditional passwords and can opt out of using passkeys entirely by disabling the “skip password when possible” option for their account.

    Read Article >

  • Okta is getting in on passkeys.

    Okta, an identity and access management company, has announced support for passkeys. The passwordless sign-in method is available in early access for the Okta Customer Identity Cloud, allowing users to verify their identity with a fingerprint, face scan, or device PIN.

  • The Microsoft logo on an orange background

    The Microsoft logo on an orange background

    Microsoft takes its next step towards a passwordless future.
    Illustration by Alex Castro / The Verge

    Microsoft’s incoming Windows 11 update will introduce public support for passkeys — a passwordless login technology that instead uses your face, fingerprint, or device PIN to sign into accounts. Announced at Microsoft’s AI and Surface launch event on Thursday, the latest Windows 11 update (available from September 26th) will allow users to create, manage, and store passkeys, and use them to access supported websites and services using their device’s own authentication systems.

    Microsoft began testing passkey management in the Windows Insider developer channel back in June, so this Windows 11 update is bringing the technology into general availability.

    Read Article >

  • The Nintendo logo sits inside a black, red, and cream-colored design.

    The Nintendo logo sits inside a black, red, and cream-colored design.

    Illustration by Alex Castro / The Verge

    Nintendo has added support for passkeys, a passwordless sign-in method that uses your fingerprint, face scan, or other methods to give you access to your online accounts. As spotted earlier by NintendoSoup (via 9to5Mac), Nintendo now lets you register and use a passkey to sign in to your account from a variety of different devices.

    To add a passkey to your account, head to accounts.nintendo.com from the device you want to use the passkey. Once you sign in to your Nintendo account, hit Sign-in and security settings > Passkeys > Edit. Then, select Register a new passkey and follow the steps to complete the setup process on the device you’re using.

    Read Article >

  • 1Password’s passkey support is finally out of beta.

    Following months of teasing, 1Password has announced that support for passkeys — a new login technology that replaces passwords with authentication systems built into a user’s own device — is now generally available across the password managers’ mobile apps and web browser extensions. From today, 1Password users can create, manage, and sign in to supported websites with passkeys via the 1Password iOS and Android mobile apps and its browser extensions for “all major web browsers on Mac, Windows, and Linux.”

    This update doesn’t include the ability to replace your 1Password account’s master password with a passkey, however, which has been teased by the company since February. That’s set to arrive “later this fall,” when the company says it’ll deliver its first “end-to-end passkey experience” across all platforms and devices.

    Read Article >

  • Jameeka Green Aaron smiles into camera

    Jameeka Green Aaron smiles into camera

    Photo illustration by Alex Parkin / The Verge

    Today, I’m talking with Jameeka Green Aaron. She’s the chief information security officer, customer identity at Okta. Okta is a big company, a Wall Street software as a service darling, and also just the thing a lot of us have to log into at work 50 times a week to get anything done. So I was very curious to dig into the business of Okta’s business.

    But Okta’s point of view, Jameeka told us, is that it’s not just a security company; it’s an identity company. So we talked at length about what the whole concept of “identity” even really means in 2023. Is it your whole actual self? Is it a digital replica of your vital stats and permissions? How do you define what it means to be you in the 21st century, and how does that relate to the way you use technology, tools, and systems? How is an identity-based approach to systems more or less secure than other approaches?

    Read Article >

  • TikTok logo over a white background with the app icon repeating

    TikTok logo over a white background with the app icon repeating

    Illustration by Nick Barclay / The Verge

    The next TikTok trend is passkeys on iPhones. The social media app is announcing support for the logins that try to make password-stealing phishing attacks impossible by allowing users to sign in with either Touch ID or Face ID instead of entering passwords. The initial launch includes iOS device support and uses Apple’s native implementation of passkeys that saves them to the iCloud Keychain so that once it’s set up, it will also work on your other Apple devices.

    Once the feature is available, TikTok users can enable a passkey for their account by going to the app’s settings and selecting the new passkey menu item. Then users can follow a couple of steps: tap Set up, hit Continue on the iOS system prompt to save a passkey, and you’re done!

    Read Article >

Products You May Like

Articles You May Like

The Asus ROG Ally X turns PC gaming into a portable console
The Best Class For Solo Players In Final Fantasy XIV
From Yandex’s ashes comes Nebius, a ‘startup’ with plans to be a European AI compute leader
Lavish parties and moral dilemmas: 4 days with Silicon Valley’s MAGA elite at the RNC
Are Physical Games Dead? It’s More Complicated Than You Might Think

Leave a Reply

Your email address will not be published. Required fields are marked *