What are Apple’s passkeys, and how do they work?
As Apple stated in its iOS 16 press release, passkeys are unique digital keys stored on your device, designed to replace passwords. They are end-to-end encrypted, work with Touch ID or Face ID, and use Apple’s iCloud Keychain technology to sync across all of your Apple devices. Passkeys are also linked to the app or website they were created for, so phishing attacks cannot trick you into using them to sign into a fake app or website.In other words, with Apple’s passkeys feature, you get more secure and almost instant access to your app and website accounts without the need to remember and use any passwords. In return, you do pay the price of being even more intertwined with Apple’s walled garden ecosystem.
Here, you could argue that iCloud Keychain already does a similar thing by auto-filling your username and password. However, with passkeys, logins are even more secure because there’s no actual password to speak of. As Apple has explained on its support site, when you create an account, the system creates “a unique cryptographic key pair.” One of these keys is public and stored on the server of the app or site, and the other one — which is the one that you need to sign in — is private and safely stored in your iCloud Keychain. The private key is never revealed to the server.
When you try to log in, your phone authorizes the passkey via Touch ID or Face ID, which then authenticates you to the app or website. No shared secret is transmitted.
How to enable passkeys on an iPhone
To turn on passkeys, go to:
- Settings
- Profile
- iCloud
- Passwords and Keychain
- Sync this iPhone
You will need to enter your iCloud and iPhone passcodes to proceed.
How to use passkeys on an iPhone
First, we should note that the sites and apps you use must also support Apple passkeys. Even if you have an iPhone running iOS 16, if the website or app you want to sign into doesn’t support passkeys, you must use the old-fashioned way of typing in your password. Currently, only a few websites support passkeys, and only some of them use it as a primary login step. We suppose that the Internet will slowly but steadily adopt Apple’s new technology once the tech giant releases iOS 16 to the public this fall. It’s also very probable that Apple will eventually make them a mandatory option for App Store apps, just like how it did with the Log In With Apple feature. Now, if you are wondering which sites currently support passkeys, a Reddit user has compiled some of them in a dedicated thread.
Sites that currently support passkeys
Once you are in, go to your profile’s security settings and tap “Hardware Security Device.” Then, press the “+ Add New Security Device” button. Tap on “Continue with Passcode” and enter your phone’s passcode. The site will then give you an option to name your new passkey, and when you finish with that, just tap “Submit.” Your passkey is now saved under the name you chose for it, and you can use it to log in to the site.
Where to find saved passkeys
To find your stored passkeys on iOS 16, go to the Passwords menu in the Settings app. There you will find all your passkeys and the sites for which they have been created. If you want to delete a passkey, just tap and hold it and press “Delete.”
