For a long time, online security has been a tradeoff. The more secure you your accounts are, the more inconvenient it is to sign in and use them. That’s just how it works.
Or, that’s how it used to work. Passkeys change that. If you haven’t already tried them, you should. Here’s what you need to know.
What are Passkeys?
Passkeys are a replacement for a password. They were created by a consortium of companies that included Google, Microsoft, and Apple.
Passkeys are easier to use than a traditional password, and they’re also more secure. They eliminate the need for two-factor authentication, and are encrypted to make life very difficult for hackers.
Once you set up a passkey, you can log in to an app or online service with a fingerprint, a face scan, or a PIN code. You don’t need to remember long complicated passwords, or worry about getting locked out of an account.
How Do Passkeys Work?
When you set up a passkey, you create a pair of digital keys. One key is stored on your device. The other is stored on the server of the app or online service you are using.
When you log in to that app, you will authenticate your identity with your face or fingerprint, instead of a password. That sends a message to the app’s server to check that the key on your device matches the key on their server. All this happens in a matter of seconds.
How to Create & Use Passkeys
Google began supporting passkeys this month. Lots of people have Google accounts for Gmail, Calendar, and Docs, so I am going to use it as an example to show you how to set up a passkey.
1. To begin, navigate to https://g.co/passkeys
2. Sign in with your Google account password
3. Click, “Create a Passkey”
4. Click “Continue” to confirm that you are ready to create a passkey.
5. Choose the method you would like to use for your passkey. This will vary depending on the device you are using, but could include a fingerprint, a face scan, or the PIN code for your device.
And that’s it! Once you have picked the method you want to use as a passkey, it will become your new default for signing in to your Google account on that device.
You can test it out by logging out of your Google account and signing in again. When you get to the password screen, you will be prompted to use your passkey to confirm it is you.
Important Information About Passkeys
If you like the convenience and security offered by passkeys, you should only set them up on all the devices you own. Passkeys are stored on your device, so they are most secure when you are the only one with access. That means you should think twice about work computers.
Your password and/or two-factor authentication methods are still available as sign-in options after you set up a passkey. They will not be the default, but if your camera breaks or your fingerprint reader stops working, you can still sign in with a traditional password by choosing “Try Another Way”.
Who Else Supports Passkeys?
Passkeys are a relatively new technology. Several high-profile companies like Microsoft, Best Buy, eBay, PayPal, and Shopify support passkeys, but most websites are playing catch-up with passkeys.
You can see a list of apps and websites that support passkeys at https://passkeys.directory. This website was created by 1Password, and is updated when companies make passkeys available to their users.
You can click on any app that is listed in the directory to get details about how to set up passkeys for that service.
When two-factor authentication was launched, it took some time for it to gain traction among users and providers. I get the feeling that the same will happen with passkeys.
One day, we will all be using them, but for now, it’s up to us, the early adopters, to help spread the word and encourage our favorite online services to adopt them.