How passkeys work
Behind the scenes, each passkey consists of two interlocking parts.
The first part is stored on trusted devices (like your smartphone) and
protected by biometrics or a device PIN. The second part is shared with
the app or website you have an account for. Both are needed to
authenticate you, and it's impossible to reverse-engineer one piece of
the passkey from the other.
When you want to sign in, your device will prompt you to verify your
identity using biometrics. Both parts of your passkey are then used to
generate an authentication token for the app or website you’re signing
in to.
This means that without physical access to your devices (and a way to unlock them),
no one can log in to your passkey-protected accounts.
The benefits of passkeys
- Passkeys are fast and effortless to create.
- You don't have to remember anything.
- Passkeys are strong by default.
-
Passkeys are resistant to phishing and other social engineering
attacks.
Passkeys offer additional benefits for business owners:
- Passkeys ensure work-related accounts are properly protected.
-
Passkeys reduce IT requests for password resets, saving your team time
and money.
-
Passkeys streamline and simplify the checkout process for ecommerce.