Your bank, Google and Apple already have it. Are you still typing in your password?

Passkey – what is it, how does it work and how to enable keys on your Google, Apple and Microsoft accounts? A guide to logging in without passwords and using passkeys securely.

Why is everyone talking about passkey?

Login via SMS, passwords like “Anna1987!”, codes from e-mail, a piece of paper with strings of numbers and letters, authentication applications… It all still works, but The security world is moving towards passwordless logins. This is the center of this trend passkey – a digital key that replaces the password with fingerprints, facial recognition or the device PIN.

Passkey is a type of login key based on cryptography – in practice, a pair of keys (public + private) compliant with the FIDO2/WebAuthn standard, which replaces the password and allows you to log in without entering anything from the keyboard.

Passkey – what is it?

In practice it looks like this:

• Private key is saved on your device (phone, laptop, dongle) – it does not leave it and is not sent to the Internet.
• Public key goes to the website (Google, Microsoft, bank, etc.).
• When you log in, the website sends an authentication request. Your phone/laptop signs them private keybut only after you confirm this:
  • fingerprint,
  • face recognition,
  • or PIN or password for the device.

Thanks to this:

• we don’t have a password to steal/guess here,
• phishing attacks have a much harder time because you can’t “fake” the page and steal the key,
• logging in is easier for you.

Why passkey is the future and password is a necessary evil)

The biggest advantages of passkeys according to the FIDO Alliance and system manufacturers:

1. Phishing resistance – you don’t enter the password, so there’s nothing to “see”. Even if you click on a fake link, the browser/device will generally not use the passkey on a domain other than the one for which it was created.
2. No repetition of passwords – each website gets its own public key – there is no “one password for everything” that will cause problems for you if leaked.
3. Stronger security by default – passkeys use proven cryptographic algorithms. Google emphasizes that they cannot be guessed or “brute-forced” in the classic way like passwords.
4. Convenience – instead of: password → code from SMS → confirmation in the application works here fingerprint/face/PIN on device.
5. Synchronization between devices
   • Apple: by iCloud Keychain Syncs passkeys between iPhone, iPad and Mac.
   • Google: stores passkeys in Google Password Manager associated with your account.
   • Microsoft: In Windows 11, Edge can sync passkeys via a Microsoft account and also work with managers like 1Password.

What do you need to use passkeys?

In short: relatively new device and up-to-date systems.

• Apple – passkeys work on iPhones with iOS 16+, iPads with iPadOS 16+, Macs with macOS Ventura+ and Apple TV with tvOS 16+.
• Android – support appeared in Android 9+, but full comfort is available in newer versions with a built-in Google Password Manager and integration with the Chrome browser.
• Windows – passkeys support is based on Windows Hello + browser (Edge / Chrome) and newer Windows 11 updates that added passkeys synchronization in Edge.

Plus:

• device locking enabled (PIN, password, fingerprint, face),
• cloud account: Apple ID, Google account, Microsoft account – if you want to sync passkeys between devices.

How to enable passkey in your Google account

Google strongly promotes passkeys – on the official website it describes them as “the strongest way to protect your Google account” and by default suggests using them instead of a password.

1. Visit the website https://myaccount.google.com/ and log in to your account.
2. In the menu on the left, select Security (Security).
3. Scroll to a section How do you log in to Google (How you sign in to Google).
4. Click Passkeys (or “Passkeys and security keys”).
5. Choose Create passkey / Usepasskeys and follow the on-screen instructions:
   • on a laptop/PC you will use Windows HelloTouch ID (Mac) or physical key,
   • on the phone – fingerprint, face or screen PIN.

After completion:

• the next time you log in, Google will offer it to you passkey login instead of entering a password;
• you can add some passkeys (e.g. for phone, laptop and dongle).

Important: Your Google Account password still exists as a backup form of login. Don’t remove it hastily – it comes in handy in case you lose your devices.

How to enable passkey on Apple ID (iPhone, iPad, Mac)

Apple has two layers:

1. Passkeys in applications and websites – they work automatically when a given service supports them.
2. Passwords and passkeys stored in iCloud Keychain (Passwords app) – this is your central “wallet” of keys.

1. Make sure you have iCloud Keychain turned on

On iPhone/iPad:

1. Enter in Settings.
2. Tap your name (Apple ID) at the top.
3. Choose iCloud → Passwords and iCloud Keychain/iCloud Keychain.
4. Make sure the switch is turned on.

On Mac (Ventura and later):

1. Open System settings.
2. Click Apple ID → iCloud.
3. Check if Keychain is turned on.

2. Creating a passkey when logging in to websites

Apple describes it this way: when an app or website supports passkeys, at the moment creating an account or changing your password you will see a message like: “Use passkey” / “Save passkey on this device”. It works as follows.

1. On the website/in the app, select Create an account or Log in.
2. Instead of creating a password, choose an option Use passkey (or “Save passkey”).
3. iOS will ask you to confirm with your fingerprint (Touch ID), face (Face ID) or passcode.
4. Passkey will save in Passwords (Settings → Passwords).

From now on, logging in to this website/app will look like this after tapping the login box Face ID / Touch ID appearsand then you are simply logged in.

How to enable passkey on your Microsoft account

Microsoft has implemented passkeys for both consumer accountsas well as in the corporate environment (Entra ID / former Azure AD). For an ordinary user, the key is:

• Microsoft account (Outlook, OneDrive, Xbox, etc.),
• Windows Hello and Edge with passkeys support.

Creating a passkey for a Microsoft account (browser)

The official Microsoft manual looks like this:

1. Visit the website https://account.live.com/proofs/manage (Advanced security options).
2. Sign in to your Microsoft account.
3. In the sign-in methods section, select Add a new way to sign in or verify (Add a new login/verification method).
4. Choose Face, Fingerprint, PIN, or Security Key (depending on what your device offers – e.g. Windows Hello, dongle).
5. Follow the instructions to register passkey for this account on this device.

If you are using Windows 11 and Edge after the latest updates, passkeys may be synced in Microsoft Password Manager in Edge – this allows you to use them on multiple computers with your Microsoft account.

Passkeys on other websites

More and more services (banks, online stores, VOD platforms, password managers) are added to the FIDO Alliance “Passkey Directory” – a list of services that support Passkey login.

The typical diagram is very similar:

1. Go to your account settings → type section:
   • “Security”,
   • “Login and security”,
   • “Login methods”,
   • “Passwordless Authentication/Passkeys”.
2. Search for options “Add passkey” / “Use passkey instead of password”.
3. After clicking:
   • the browser will ask if you want to use the passkey from the current device (Windows Hello, Touch ID, U2F key),
   • you confirm with your fingerprint/face/PIN,
   • ready – the website records that this passkey can log you into your account.

If you use a password manager, e.g. 1Passwordyou can also store your passkeys there – Windows 11 recently had native integration with 1Password as a passkeys provider.