TapSmart

iCloud Passkeys – setting up password-free logins | iOS 17 Guide

Passkeys use familiar user flows

Digital security is more important than ever, but passwords as we know them are broken. It’s a flawed concept: passwords are fiddly to enter, difficult to remember, and easily stolen. Autofill and password managers help with some of that, but phishing scams still trick people into giving up passwords, and websites storing your login details can be hacked. Two-factor authentication improves security but makes the sign-in process even longer.

Apple offers an alternative system: Passkeys.

What are Passkeys?

Passkeys are designed to make the login process more secure, with less friction. They use Face ID or Touch ID for authentication, removing the need for a password entirely. That means there’s nothing to leak or steal, and nobody but you can access your accounts. They utilize the existing Autofill functionality in Safari to keep things quick and easy for users. You can share Passkeys with trusted people, and you can authenticate via a QR code if you need to log in on a non-Apple device. How successful Apple will be at transitioning the world to Passkeys remains to be seen, but they’re a promising prospect.

As this is still a fairly new technology, don’t expect every website to be compatible right away. Early adopters include Ebay, PayPal, and Best Buy – but plenty more will be added as time goes by.

How to set up a Passkey

To create a new Passkey with a compatible app or website, you enter a username and authenticate with Touch ID or Face ID. Your Passkey is generated and synced to iCloud Keychain. That means you can login using your passkey from another Apple device running iOS 16, iPadOS 16, macOS Ventura, or later.

Signing in uses the autofill system you’re already familiar with, and there are no steps beyond confirming your username and authenticating. In other words, you tap and sign in. It’s a single step flow, with no need for additional security requirements like two-factor authentication.

You can also look through the user settings of an existing account on any compatible website, but it’s not always referred to as a passkeys. For example, we tested the functionality on eBay’s website and found a setting called Face/fingerprint/PIN sign in tucked away in the Sign in and Security section of the Account Settings. Other compatible websites will be similar. Also note that the eBay app doesn’t currently support passkeys – this is for the website only.

Beyond Apple

Given that your Passkeys are stored on iCloud Keychain, you might ask how you’d sign into a service or website on a PC or Android phone. Here, things do get a little more complex, but not onerously so. You’re asked to scan a QR code with your phone, which then securely connects to the target device over Bluetooth. You then authenticate as normal and you’re in.

Sharing logins

You can also share a Passkey with someone you trust, so you can both more securely access shared accounts, such as for an online grocery store. In this case, proximity comes into play by way of AirDrop.

Exit mobile version