Passkeys

Passkeys do not simply replace MFA - they replace passwords and provide phishing-resistant multi-factor authentication in a single, simpler sign-in experience.

What Are Passkeys?

  • Passkeys are a passwordless way to sign in to websites and applications.
  • They use cryptographic keys stored securely on your device instead of a password.
  • Passkeys can be unlocked using biometric authentication (such as fingerprint or facial recognition) or your device PIN.

Why Use Passkeys?

  • More secure than passwords – they cannot be guessed, reused, or easily stolen.
  • Resistant to phishing attacks – passkeys only work with the legitimate website or application they were created for.
  • No passwords to remember – reducing password fatigue and support requests.
  • Faster sign-in experience – often requiring just a fingerprint, face scan, or PIN.
  • Reduced risk of credential theft from data breaches.

How Do Passkeys Work?

  • A unique passkey is created for each account.
  • The private part of the passkey remains securely stored on your device and is never shared.
  • Only a cryptographic proof is sent during sign-in, not a password.
  • Passkeys can be synchronised securely across trusted devices through supported platforms.