All About Passkeys: What You Need to Know
Our dual mission is to help you with your computer and to help keep you safe online. One way you can stay safer online is by switching from passwords to passkeys. We’ll explain why you should and how you can start using passkeys.. Keep in mind, passkeys are relatively new. Many sites offer them now, but some aren’t set up for passkeys yet.
I Was Skeptical About Passkeys
I’ll admit that I had mixed feelings about passkeys until I started using them. And now that I’ve started using passkeys, I’ll never go back to passwords.
Passwords, without a password manager, make you feel like you’re playing a never-ending game of “remember that unique string of characters and numbers, don’t you dare write down”? That’s the relationship many have with passwords, and frankly, it can be frustrating. And frustration means many reuse the same password for many (or even all) sites, and that is a dangerous thing. Things like two-factor authentication (2FA) make passwords stronger and better, but even 2FA has its quirks.
More and More Websites are Allowing Passkeys
Many websites now let you use passkeys instead of passwords and/or 2FA.
Think of a passkey not as something you remember, but as something you own. It’s like having a secure, invisible key to your online accounts that stays right on your phone, computer, tablet, or a security device.
How Are Passkeys Different From Passwords?
With a password, you type in your password, and if it matches what the website has, you’re in. Simple, right? Too simple. Passwords can be stolen, guessed, or compromised in data breaches.
Passkeys work in a completely different way. When you set up a passkey for a website, your device (your phone, laptop, desktop PC, or tablet, for example) creates two related “keys” – a public one and a private one. The public key is sent to the website, and the private key stays securely on your device.
The simplicity is the magic: when you want to log in, your device uses your private key to prove to the website that it’s you. The website, using its public key, can verify this without ever needing to see your private key or any other information from you. It’s like a secret handshake that only your device and the website understand, and it happens in the blink of an eye.
Why Are Passkeys So Much Better Than Passwords?
You don’t have to remember your passwords or create new ones: This is a huge one. With passkeys, there’s nothing to create or memorize. Your device handles everything. No more password resets, no more “what did I use for this site?” frustration.
Passkeys are Virtually Phishing-Proof!
Phishing occurs when miscreants trick you into giving them your password by creating counterfeit websites that closely resemble the authentic ones. With passkeys, even if you land on a fake site, your device knows it’s not the correct site and won’t log you in. It’s like having a built-in fraud detector.
Passkeys Take the Worry Out of Data Breaches
If a website you use gets hacked and its user data is stolen, your password could be exposed. With passkeys, even if the website’s public keys are compromised, your private key (which is needed to log in) remains safe and sound on your device.
Keys Are Simpler Than 2FA and More Secure.
We all know 2FA (two-factor authentication) is a good idea. It adds an extra layer of security, usually by sending a code to your phone. But it has its drawbacks. Sometimes the code is slow to arrive, or you don’t have your phone handy. Passkeys are like super-powered 2FA, built right into the login process, making it much easier, smoother, and more secure because there’s no code to receive and copy.
Passkeys are Easy to Use Across Devices:
If you’re signed into your Google or Microsoft account, your passkeys can often sync securely across all your trusted devices. So, if you set up a passkey on your phone, you might be able to use it seamlessly on your laptop too.
How to Start Using Passkeys
You’ll start seeing “Sign in with a passkey” or “Create a passkey” options popping up on your favorite websites and apps. When you see it, just click it. Your device will then guide you through a simple process, usually involving a quick Face ID, Touch (fingerprint) ID, or your device’s PIN to confirm it’s you.
Passkeys are relatively new, so we’re still in the early days, but more and more websites are adopting passkeys. As more and more websites start accepting passkeys, your online life will become safer and simpler without you having to lift a finger (well, maybe just your finger for Touch ID!).
So, next time you’re asked to create a password, remember that soon, you might not have to. Passkeys are here, and they’re ready to make your online life a whole lot less complicated and a lot more secure.
Whenever you have an option to use passwords, passwords with 2FA, or passkeys, always choose passkeys. Your online life will be much easier and much safer.
My computer and passwords are driving me crazy! Some sites ask for a password every time you even look at it! And then don’t remember my password anyhow and want a new one. It’s totally insane and I’m ready to shotgun my pc off the desk! Lol. No, not really but it’s been a real pain for a long time already. Thanks for convincing me passkeys are the way to go!!
Dawn C.
Great information. I’ve been with you guys since 1999 and you just keep getting better. You still take the time to keep on top of things and keep us informed, I learned so much about passkeys just by reading this article, Keep up the fantastic work!
What happens if you get a new computer?
When you set up a new computer or device and sign in with your Google Account, Microsoft Account, or other service, your synced passkeys will automatically become available. You’ll just need to verify your identity on the new device using your PIN, fingerprint, or face scan to access them.
If you use a third-party password manager that supports passkeys (like 1Password, LastPass, Dashlane, Bitwarden, Keeper), your passkeys are stored securely within that manager’s vault. To get your passkeys on a new computer or device, you simply need to install the password manager’s app or browser extension and sign in to your password manager account. Once you’re authenticated, all your stored passkeys (along with your regular passwords) will sync to the new device.
Even if your passkeys aren’t directly synced to a new device, you can often use an existing device like a smartphone that does have the passkey to sign in on the new one. When you try to sign in to a website that supports passkeys on your new computer (which doesn’t yet have the passkey), you’ll often see an option to “Sign in with a different device” or “Use a phone or tablet.” This will usually display a QR code on your new computer’s screen. You then scan this QR code with your phone (which does have the passkey), authenticate on your phone (using your face, finger, or PIN), and the sign-in is completed on your new computer.
Passkeys have been well-thought-out, so it’s usually a pretty quick and painless process to get them changed to a new computer or device.
Can you use the same Passkey numbers over again?
You don’t control passkeys your device does. No one “sees” them. They’re like a key to a lock on a door. If the passkey fits the lock on the site, then you’re in. Think of passkeys as keys to different doors.
I really appreciate and rely on you guys!!! I started using the passkey option last week after the last “big leak”. I just like knowing that you recommend passkeys, because you have given us years of trustworthy information. Bless you!