Apple's introduction of Passkeys means you can authenticate with some apps and services using Face ID or Touch ID instead of remembering a password. This is how you get started.
Passkey on an iPhone
Introduced at WWDC 2022 in June and rolling out as a feature in iOS 16, iPadOS 16, and macOS Ventura, Passkeys are a way for a user to authenticate themselves with apps and online services. The key is that it does so without requiring the user to enter a password as a form of identification.
Passkeys feed into the often speculated password-less future, where devices and apps can confirm the person's identity without much in the way of interaction. While users still have to do things to confirm their identity in some way, Passkeys does it in other methods than the usual password.
As well as the lack of password entry, Passkeys offer quite a few benefits, including the use of strong end-to-end encryption and that there isn't an easily-guessed password to worry about. There are also opportunities to share passkeys using AirDrop, as well as to use them on other linked Apple devices, and even non-Apple hardware.
How do Passkeys work?
A standard created by the FIDO Alliance and the World Wide Web Consortium, Passkeys are cryptographic keys that are associated with a device to confirm an identity. The Passkey actually consists of a public and private pair, with the former registered with the service itself, and the private one stored securely on your device.
This public-private arrangement has been done before, and is commonly used in cryptographic applications. By exchanging keys, the device and the service or app can confirm the device and its current user match records, and proves their identity.
The device itself has to confirm the user's identity before the exchange takes place. This is handled by biometrics, which on an iPhone could be Face ID or Touch ID.
Once biometrically confirmed, the device performs its exchange with the relevant service, and access is then granted.
What can I use Passkeys with?
As a relatively new security standard, it can take time for online services to adopt it. With Apple's pushing of Passkeys, as well as as Google and Microsoft's adoption of it, more online destinations should employ it for authentication as time marches on.
As you would expect, the list of prominent apps and online services that work with Passkeys is relatively small, but will probably grow quite quickly.
As of November 15, 2022, prominent services that can use Passkeys include:
- Best Buy
- Dashlane
- eBay
- GoDaddy
- Kayak
- Nvidia
- PayPal
- Wordpress.
How to start using Passkeys
There are a few things you need to do to get into a position to use Passkeys. For a start, your hardware should be updated to iOS 16, iPadOS 16, and macOS Ventura.
You need to enable iCloud Keychain and Two-Factor Authentication first.
You should make sure that iCloud Keychain is enabled, so they can synchronize with other Apple devices. It's best to do this beforehand, but you will be asked to enable it when you're creating a passkey with it disabled.
How to enable iCloud Keychain in iOS 16
- Open Settings.
- Tap Passwords and authenticate.
- Tap Password Options.
- Turn on AutoFill Passwords.
- Make sure there are ticks next to both instances of iCloud Passwords & Keychain for the Allow Filling From and Set Up Verification Codes Using sections.
You will also need to enable two-factor authentication for your Apple ID.
How to enable two-factor authentication for an Apple ID
Open Settings.
Tap your name.
Tap Passwords & Security.
Tap Turn On Two-Factor Authentication and follow the prompts.
At this point, you will be able to set up and manage Passkeys on your device.
The process of setting up a Passkey generally follows the same steps across the industry, with a few small variations on getting started.
How to set up Passkeys for a new account on your iPhone
- At the login or account creation screen for a supporting app or website in Safari, sign up for a new account, including entering an account name, email address, or whatever is asked.
- When Passkeys is supported, you will be asked in a pop-up if you want to save a Passkey. Tap continue.
- If the pop-up doesn't appear immediately, look for an option to use Passkey or a form of "other" authentication. When the pop-up appears, tap Continue.
This pop-up appears when you can set up a Passkey. A similar one also appears when you can use one to authenticate.
How to set up Passkeys for an existing account on your iPhone
- For an account that already exists, log into the account as usual.
- Open the account management screen for that app or website.
- Search for a relevant option within the account settings, which can include password or security-related elements. This may be under a Hardware Security Device or Multi-Factor Security section.
- You will generally see an option to add a Passkey, which will summon the Passkey pop-up.
- Tap Continue.
You can usually set up Passkeys in the account system for existing accounts.
How to log in with Passkeys on an iPhone
- Open the app's log-in or sign-in page.
- If Passkey has been enabled for that service, a pop-up will usually appear, asking if you want to sign in. Tap Continue and complete the authentication prompt.
- On some websites, you may have to enter an email address or username before seeing the pop-up appear. When it does, click Continue and complete the authentication prompt.
Passkey Management
Once you have started using Passkeys, you can use your iPhone to manage how they are used. For example, you can view all Passkeys on a device, as well as delete them.
You can view and manage Passkeys you've set up in the Settings app.
To access the list, open Settings then tap Passwords to see the list. Tap each Passkey to see options, such as adding notes to a passkey or to delete it outright.