Passkeys

Accelerating the Availability of Simpler, Stronger Passwordless Sign-Ins

FAQ's Resources
This graphic is a genericized representation of what the user experience may be.

Passkey

/ˈpasˌkē/
noun
Passkeys are a password replacement that provide faster, easier, and more secure sign-ins to websites and apps across a user’s devices.

Why passkeys? Passwords are a problem.

  • Knowledge-based
  • Hassle to use and remember
  • Easy to phish, harvest, replay
89% of organizations experienced a phishing attack in the past year.*
*HYPR, 2022 State of Passwordless Security Report – Download the Report here.

Legacy authentication solutions don’t address the security problem and/or are not usable enough for large-scale consumer utilization.

FIDO Authentication is the world’s answer to the password problem.

FIDO Authentication provides a simpler user experience with phishing-resistant security.

Passkeys optimize access and usability for FIDO Authentication

Passkeys enable users to access their FIDO sign-in credentials on many of their devices, even new ones, without having to re-enroll every device on every account.

How do users use passkeys?

When a user is asked to sign-in to an app or website, the user approves the sign-in with the same biometric or PIN that the user has to unlock the device (phone, computer or security key). The app or website can use this mechanism instead of the traditional (and insecure) username and password.

Here’s what this means for…

  • User Experience The user experience will be familiar and consistent across many of the user’s devices – a simple verification of their fingerprint or face, or a device PIN, the same simple action that consumers take multiple times each day to unlock their devices.
  • Security Passkeys are based on FIDO Authentication, which is proven to be resistant to threats of phishing, credential stuffing and other remote attacks. Also, service providers can offer passkeys without needing passwords as an alternative sign-in or account recovery method.
  • Scalability With passkeys, users do not need to enroll a new FIDO credential on each service or each new device (which would typically be with a password for that first sign-in). The users’ passkeys are available whenever they need them—even if they replace their device.

Look for the passkey logo on sites that allow you to use passkeys instead of passwords.

Service providers interested in using this logo should visit our FIDO Trademark and Service Mark Usage Agreement for Websites to agree to terms and download the logo files.

Download our passkey logo style guide files here.

Developer Resources

Ready to get started? Apple and Google have created these passkey resources for developers: "Passkeys.dev" "Member-curated list of sites that support passkeys" Apple: "FIDO Authentication with Passkeys" Google: "FIDO Authentication with Passkeys"

Videos

Passkeys in Action

A demonstration of passkeys across platforms.

FIDO Passkey Primer

An in-depth explainer on passkey.

Download Authn Specs
Sign up for updates!Get news from FIDO Alliance in your inbox.

By submitting this form, you are consenting to receive communications from: FIDO Alliance, 3855 SW 153rd Drive, Beaverton, OR 97003, US, http://www.fidoalliance.org. You can revoke your consent to receive emails at any time by using the unsubscribe link found at the bottom of every email.