Based on industry standards for account authentication, passkeys are easier to use than passwords and far more secure. Adopt passkeys to give people a simple, secure way to sign in to your apps and websites across platforms — with no passwords required.
Saving and using a passkey is quick and easy with one-step account creation and sign-in using Face ID or Touch ID. There’s no need to create or manage passwords. Because passkeys are synced with iCloud Keychain, they’re available across Apple devices. You can even use your iPhone to sign in to apps and websites on non-Apple devices.
Based on FIDO Alliance and W3C standards, passkeys replace passwords with cryptographic key pairs. These key pairs profoundly improve security.
Strong credentials. Every passkey is strong. They’re never guessable, reused, or weak.
Safe from server leaks. Because servers only keep public keys, servers are less valuable targets for hackers.
Safe from phishing. Passkeys are intrinsically linked with the app or website they were created for, so people can never be tricked into using their passkey to sign in to a fraudulent app or website.
In iCloud Keychain, passkeys are end-to-end encrypted, so even Apple can’t read them. A passkey ensures a strong, private relationship between a person and your app or website.
Since signing in with passkeys uses AutoFill and Face ID or Touch ID for biometric verification, the transition to passkeys is seamless. This lets people use passkeys alongside passwords, so you don’t need to adjust your sign-in page based on credential type. You’ll use the new Authentication Services API to add passkeys, creating sign-in flows that are familiar to users.