Skip to main content

Filed under:

Passkeys: all the news and updates around passwordless sign-on

Share this story

The need to remember lengthy, complicated passwords to sign into your accounts could soon be a thing of the past thanks to passkeys: a new login technology that replaces passwords with authentication mechanisms built into your own devices. That means you can use Face ID on your iPhone, Windows Hello on your PC, or the fingerprint sensor on your Android phone to authorize access to your websites, apps, and services — providing they support passkey sign-on.

Passkeys are built on WebAuthn (or Web Authentication) tech and stored directly on your device. They are supported by companies like Apple, Google, and Microsoft because they’re more secure than passwords or PINs which can be stolen. Password managers can help backup and sync passkeys across all your devices.

It’s expected that passkeys will eventually replace passwords entirely, though it’s going to take some time. Here you can follow all the updates and developments — including which companies have rolled out support in preparation for a passwordless future.

  • Google’s new Titan security keys are ready for a world without passwords

    Two cryptographic security keys, one USB-C and one USB-A on a white background.
    Google Titan security keys (2023)
    Image: Google

    The latest iteration of Google’s Titan Security Key is here, ready to work alongside the new passwordless passkey technology that’s rolled out with support from Apple, Microsoft, Google, and many others. Two new versions of the key are available in the Google Store starting today with either a USB-C connection ($35) or USB-A connection ($30), and — like the previous versions released in 2021 — both also have NFC to connect wirelessly to phones and other mobile devices.

    I’ve been using the USB-C version for a few days, and it works just as well as other keys I have, like the older Titan hardware and other FIDO2 keys from Yubico. Having NFC support on both versions is convenient so that you don’t have to choose, especially since when setting up keys, you’ll want to have at least two to maintain a backup.

    Read Article >
  • Bitwarden begins adding passkey support to its password manager

    A person using Bitwarden on their laptop.
    Bitwarden has added support for the more secure passkey login method.
    Image: Bitwarden

    Bitwarden, one of our top picks for free password managers, is adding support for passkeys in the latest version of its browser extensions. Passkeys can use your device’s pin, face, or fingerprint for authentication, and are a more secure and convenient alternative to traditional passwords that are also more resilient to phishing attacks.

    Although the company has announced that passkey support is coming in the new 2023.10 release, the update appears to be in the process of rolling out — I’m still seeing the previous 2023.9.2 version listed on the Chrome Web Store as of this writing. But I’ve verified that it’s working on Safari with the latest version of Bitwarden’s Mac app and extension. The rollout of the feature follows support from Apple and Google’s built-in password managers, as well as competing third-party password managers like 1Password.

    Read Article >
  • Wes Davis

    Oct 29

    Wes Davis

    Android 14 will make it easier for apps to support passkeys soon

    Android logo on a green and blue background
    Illustration by Alex Castro / The Verge

    Android apps are about to get better built-in passkey support. Google announced in a developer blog post last week that Credential Manager, a new Android-specific API for storing credentials like username and password combinations and passkeys, is going public on November 1st. Credential Manager, which has been in developer preview for months, houses biometric authentication of passkeys, traditional passwords, and federated identity login under one roof in Android phones.

    Ultimately, the change should allow apps to offer better authentication support in Android 14. Using Credential Manager, apps can offer users easy biometric logins through passkeys. That should mean a more friction-free sign-in experience since people who use that method wouldn’t have to worry about keeping login information in their heads. Third-party password managers like 1Password can also integrate the API for a more streamlined experience when defaulting to such an alternative instead of Google Password Manager.

    Read Article >
  • Amazon enables passwordless passkeys on iOS and the web

    Illustration of a hand holding an iPhone with the Face ID screen saying a passkey for amazon customer will be saved in iCloud keychain on iPhone supports passkeys so people can log in with Face ID.
    Image: Amazon

    Amazon’s rolling out passkey support for its online site and mobile shopping apps. Customers can log in to Amazon using just their devices’ biometrics and start shopping without the need to enter a password or follow through with two-factor authentication (2FA) through email or text.

    Amazon dipped its toes into passkey support earlier this month for its web experience, but it wasn’t ready for primetime yet since the implementation still required a 2FA code and wasn’t enabled for the mobile apps. If you’re interested in enabling passkey support with Amazon, you can enroll by going to, visiting your account settings, clicking “Login & Security,” and using the “Set up” button next to “passkey.”

    Read Article >
  • Google Password Manager will start suggesting switching to passkeys on supported websites.

    Google already prompts users to create passkeys for their Google accounts, but a currently hidden beta feature indicates that the company’s password manager will soon prompt users to switch on other sites, too. Passkeys: they’re the future!

  • Google begins prompting users to create passwordless passkeys by default

    A hand holding a phone with the Google logo on it.
    The additional visibility will at least remind Google account users that passkeys exist.
    Illustration by Samar Haddad / The Verge

    Google is making it easier for users to ditch passwords on their Google accounts in favor of passkeys — a fast, secure, and passwordless approach to logins that utilizes the pin, face, or fingerprint authentication built into your devices. Starting today, Google account users will be prompted to create a passkey for their account by default, sparing them from manually hunting through account settings for the setup process.

    While the industry-wide goal is to eventually make passkeys the new login standard, Google says that passwords will “still remain part of our lives as we make the pivot.” As such, users can still choose to sign in to their Google account with traditional passwords and can opt out of using passkeys entirely by disabling the “skip password when possible” option for their account.

    Read Article >
  • Okta is getting in on passkeys.

    Okta, an identity and access management company, has announced support for passkeys. The passwordless sign-in method is available in early access for the Okta Customer Identity Cloud, allowing users to verify their identity with a fingerprint, face scan, or device PIN.

  • The latest Windows 11 update will help you ditch passwords for good

    The Microsoft logo on an orange background
    Microsoft takes its next step towards a passwordless future.
    Illustration by Alex Castro / The Verge

    Microsoft’s incoming Windows 11 update will introduce public support for passkeys — a passwordless login technology that instead uses your face, fingerprint, or device PIN to sign into accounts. Announced at Microsoft’s AI and Surface launch event on Thursday, the latest Windows 11 update (available from September 26th) will allow users to create, manage, and store passkeys, and use them to access supported websites and services using their device’s own authentication systems.

    Microsoft began testing passkey management in the Windows Insider developer channel back in June, so this Windows 11 update is bringing the technology into general availability.

    Read Article >
  • Emma Roth

    Sep 21

    Emma Roth

    Nintendo now supports passwordless sign-ins

    The Nintendo logo sits inside a black, red, and cream-colored design.
    Illustration by Alex Castro / The Verge

    Nintendo has added support for passkeys, a passwordless sign-in method that uses your fingerprint, face scan, or other methods to give you access to your online accounts. As spotted earlier by NintendoSoup (via 9to5Mac), Nintendo now lets you register and use a passkey to sign in to your account from a variety of different devices.

    To add a passkey to your account, head to from the device you want to use the passkey. Once you sign in to your Nintendo account, hit Sign-in and security settings > Passkeys > Edit. Then, select Register a new passkey and follow the steps to complete the setup process on the device you’re using.

    Read Article >
  • 1Password rolls out public passkey support to its mobile apps and web extensions

    1Password’s passkey support is finally out of beta.

    Following months of teasing, 1Password has announced that support for passkeys — a new login technology that replaces passwords with authentication systems built into a user’s own device — is now generally available across the password managers’ mobile apps and web browser extensions. From today, 1Password users can create, manage, and sign in to supported websites with passkeys via the 1Password iOS and Android mobile apps and its browser extensions for “all major web browsers on Mac, Windows, and Linux.”

    This update doesn’t include the ability to replace your 1Password account’s master password with a passkey, however, which has been teased by the company since February. That’s set to arrive “later this fall,” when the company says it’ll deliver its first “end-to-end passkey experience” across all platforms and devices.

    Read Article >
  • Biometrics? Bring it on: why Okta’s Jameeka Green Aaron wants passwords to go away

    Jameeka Green Aaron smiles into camera
    Photo illustration by Alex Parkin / The Verge

    Today, I’m talking with Jameeka Green Aaron. She’s the chief information security officer, customer identity at Okta. Okta is a big company, a Wall Street software as a service darling, and also just the thing a lot of us have to log into at work 50 times a week to get anything done. So I was very curious to dig into the business of Okta’s business.

    But Okta’s point of view, Jameeka told us, is that it’s not just a security company; it’s an identity company. So we talked at length about what the whole concept of “identity” even really means in 2023. Is it your whole actual self? Is it a digital replica of your vital stats and permissions? How do you define what it means to be you in the 21st century, and how does that relate to the way you use technology, tools, and systems? How is an identity-based approach to systems more or less secure than other approaches?

    Read Article >
  • TikTok is now supporting passkeys on iPhone

    TikTok logo over a white background with the app icon repeating
    Illustration by Nick Barclay / The Verge

    The next TikTok trend is passkeys on iPhones. The social media app is announcing support for the logins that try to make password-stealing phishing attacks impossible by allowing users to sign in with either Touch ID or Face ID instead of entering passwords. The initial launch includes iOS device support and uses Apple’s native implementation of passkeys that saves them to the iCloud Keychain so that once it’s set up, it will also work on your other Apple devices.

    Once the feature is available, TikTok users can enable a passkey for their account by going to the app’s settings and selecting the new passkey menu item. Then users can follow a couple of steps: tap Set up, hit Continue on the iOS system prompt to save a passkey, and you're done!

    Read Article >
  • Now GitHub will let you log in with a passkey.

    The new feature that standardizes logging into accounts with your device’s authentication methods (like facial recognition or a fingerprint scan) instead of a password is now available in beta for GitHub accounts.

    Passkeys are being adopted quickly by many tech companies, including Apple and Google, and Microsoft recently started testing expanded support for them within Windows.

  • Windows 11 tests letting you sign in to websites with a fingerprint or face

    An image showing the Microsoft logo on a black, green, and purple abstract background
    Illustration by Alex Castro / The Verge

    Microsoft is improving Windows 11’s support for the new passkey standard that aims to replace passwords with a more secure and convenient way of logging in. A recent Insider Preview Build (23486) now lets you use Windows Hello natively to create and sign in to supported applications and websites using passkeys, where you’ll be asked to prove your identity using a PIN, fingerprint, or face scan. 

    According to Microsoft, you can set up the feature by going to a website that’s added passkey support, creating a passkey in its settings, and then logging out to get the option to sign in with the new security method. On Edge or Chrome, the option to sign in with a passkey should be under the “Windows Hello or external security key” option. Saved passkeys can be managed by going to Accounts and then Passkeys in Windows’ settings. 

    Read Article >
  • Wes Davis

    Jun 20

    Wes Davis

    Apple IDs now support passkeys — if you’re on the iOS 17 or macOS Sonoma betas

    Green backdrop, black apple logo, apple leaves surrounding
    Apple IDs now support passkeys, but only in betas for iOS 17, iPadOS 17, and macOS Sonoma.
    Illustration: The Verge

    It appears that passkeys are now supported for Apple IDs, but only if you have the first beta for iOS 17 (or iPadOS 17 or macOS Sonoma). Beta users of Apple’s operating systems then have the ability to sign in anywhere that supports signing in with your Apple ID — covering not only and, but also anywhere else your Apple account is linked to — sans passwords, using just the biometrics on their iPhone or MacBook and a dream.

    It works anywhere that supports signing in with your Apple ID. For example, if I want to sign in to Reddit and look at my favorite John Oliver-themed subreddits, I can tap the “Continue with Apple” button on the sign-in screen, and I’ll be given the option to sign in by scanning a QR code with my iPhone.

    Read Article >
  • Google Chrome’s password manager adds biometric unlocking on desktop

    An image showing biometric unlocking on Google Chrome’s password manager
    Image: Google

    Google Chrome’s password manager will soon support biometric authentication on PCs and Macs. The feature, which was previously only available on mobile, uses facial recognition or your fingerprint to verify your identity before Chrome automatically fills your passwords.

    This is ideal if you share a computer with someone else and don’t want Chrome to autofill your account passwords for anyone but yourself. You’ll still need a PC or Mac that comes with a fingerprint sensor or supports facial recognition to actually take advantage of the feature, though. Google says this feature is “coming soon” on desktop.

    Read Article >
  • Here’s what 1Password’s passkeys will look like in iOS.

    It will be possible to use 1Password passkeys in iOS 17 thanks to a new API Apple revealed at WWDC. I really hope this feature is available the same day iOS 17 launches this fall — I’m ready for the passkey revolution.

  • 1Password launches its public passkey beta

    A red neon key and a blue neon key in a circle, against a dark blue background.
    1Password users will need to download the beta browser extension to access the new passkey beta.
    Image: 1Password

    After several months of teasing, password manager 1Password has now launched its public beta for passkeys — a new login technology that allows users to replace passwords with authentication systems built into their devices. From today, 1Password users can now create, store, and share passkeys for supported websites by installing the 1Password beta browser extension for Chrome, Edge, Safari, Firefox, or Brave.

    Passkeys can only be created for websites and services that have rolled out their own support. 1Password is keeping a directory of platforms where passkeys can already be used, in addition to a new tab where users can vote on which sites and services they’d like to see passkey support. This doesn’t guarantee that those platforms will actually add passkey support, but perhaps it’ll motivate some companies to develop the feature if they see enough demand. Alternatively, 1Password also has a feature called Watchtower that keeps tabs on your existing accounts and notifies you when passkey support becomes available.

    Read Article >
  • Google trials passwordless login across Workspace and Cloud accounts

    A hand holding a mobile phone with the Google logo on it. The background contains various nods toward Google’s products and services.
    Illustration by Samar Haddad / The Verge

    Google has taken a significant step toward a passwordless future with the start of an open beta for passkeys on Workspace accounts. Starting today, June 5th, over 9 million organizations can allow their users to sign in to a Google Workspace or Google Cloud account using a passkey instead of their usual passwords.

    Passkeys are a new form of passwordless sign-in tech developed by the FIDO Alliance, whose members include industry giants like Google, Apple, and Microsoft. Passkeys allow users to log in to websites and apps using their device’s own authentication, such as a laptop with Windows Hello, an Android phone with a fingerprint sensor, or an iPhone with Face ID, instead of traditional passwords and other sign-in systems like 2FA or SMS verification. Because passkeys are based on public key cryptographic protocols, there’s no fixed “sequence” that can be stolen or leaked in phishing attacks.

    Read Article >
  • 1Password is finally rolling out passkey management

    A screenshot of someone using 1Password’s passkey support to sign into an eBay account.
    eBay is one of the few websites to currently support passkey sign-on.
    Image: 1Password

    1Password customers are finally gaining partial access to the passwordless future we’ve been promised. Starting from June 6th this year, anyone with a 1Password account will be able to use it to save and manage their passkeys — a biometric-based login technology that allows users to ditch passwords in favor of their device’s own authentication. To access the open beta, you’ll need to download the 1Password beta browser extension for Safari, Firefox, or Chromium-based browsers (which include Chrome, Edge, Arc, and Brave). Support for passkeys on mobile is still in development and unavailable at this time.

    You won’t be able to replace your 1Password master password with a passkey right away, either; Steve Won, 1Password’s chief product officer has informed The Verge that this feature will arrive sometime in July 2023.

    Read Article >
  • How to use a passkey to sign in to your Google account

    Hand holding phone with Google logo against pink background with round blue illustrations.
    Illustration: Samar Haddad / The Verge

    Passwords have always been a necessary evil, giving you the choice of either using one that is too simple (so you can easily remember it) or one obscure enough to be secure but complicated enough to require a password manager.

    Until now, the best way to keep your accounts secure was to partner a password with two-factor authorization (2FA). But now, Google is offering another choice: using a passkey — a secure credential tied to the PIN or biometric authentication your device already uses. The passkey only exists on your device, not in the cloud, making it even safer.

    Read Article >
  • Dashlane’s password manager goes zero password

    MacBook Air with QR code on screen with iPhone floating next to it that has dashlane app open
    Dashlane’s new Passwordless Login uses device authentication, so you can log in to your vault on your computer by scanning a QR code.
    Image: Dashlane

    Password manager company Dashlane is replacing the master password with a new device-based / biometric “Passwordless Login” solution to better protect users’ password vaults. That means Dashlane users will no longer have to create and remember a single password that must be guarded from the world — lest it succumbs to a dastardly phishing scheme that compromises your whole digital life (and probably your identity).

    Dashlane’s Passwordless Login follows the company’s early support for the rising cryptographic keys solution known as passkeys. However, while Dashlane’s new master password replacement solution also uses cryptographic keys, it's not the same as passkeys, which is the password-free authentication solution developed by FIDO Alliance. Passkeys are backed by all the major tech players, including Apple, Microsoft, and Google, which just added support for passkey protection on Google accounts this morning.

    Read Article >
  • Your Google account no longer needs a password to sign in

    A person holding a mobile phone with the Google logo on it. The background is a mix of different Google services.
    Illustration by Samar Haddad / The Verge

    Google’s next step into a passwordless future is here with the announcement that passkeys — a new cryptographic keys solution that requires a preauthenticated device — are coming to Google accounts on all major platforms. Starting today, Google users can switch to passkeys and ditch their passwords and two-step verification codes entirely when signing in.

    Passkeys are a safer, more convenient alternative to passwords being pushed by Google, Apple, Microsoft, and other tech companies aligned with the FIDO Alliance. They can replace traditional passwords and other sign-in systems like 2FA or SMS verification with a local PIN or a device’s own biometric authentication — such as a fingerprint or Face ID. This biometric data isn’t shared with Google (or any other third party), and passkeys only exist on your devices, which provides greater security and protection since there’s no password that could be stolen in a phishing attack.

    Read Article >
  • PayPal’s bringing its passkey logins to Android

    Photo of someone using a phone to log into PayPal with a passkey
    Image: PayPal

    Android users should soon be able to log in to PayPal’s website using passkeys, the password-free login system that’s being pushed by Apple, Google, Microsoft, the FIDO alliance, and more. According to an announcement post, the feature is currently rolling out, and will be “more widely available over the coming year.”

    PayPal says that the rollout will start on its website, rather than its app, and that you have to be running Chrome on Android 9 or up to access passkeys. If it’s available for your account, you may get a prompt asking if you want to create a passkey, which you can authenticate using the biometric system or passcode that you use to unlock your phone.

    Read Article >
  • The latest Android 14 developer preview tests new security and privacy features

    The Android logo on a black backdrop, surrounded by red shapes that resemble the Android mascot.
    Illustration: Alex Castro / The Verge

    Google has just released the second developer preview for Android 14, as app developers test their programs against changes coming in this year’s big mobile OS update. Most of the features in this latest release were already mentioned in the first Android 14 dev preview back in February, such as operational improvements to Android devices, changes to app security and privacy permissions, and a new API that supports passwordless sign-in using passkeys. 

    The Android 14 preview also includes a test of Credential Manager, a platform API that supports multiple sign-in methods, such as passkeys and federated sign-in solutions (such as the option to sign in with Google) alongside the traditional username / password combinations. This API isn’t exactly new — support was included in the first Android 14 preview. However, Google has since made UI improvements based on its initial feedback. Some services like password manager app Dashlane have already teased passkey integration, pending the release of Android 14 later this year.

    Read Article >