You may have noticed recently an option to create a Passkey. I have and how logging into websites and apps is changing. This is in part due to an initiative by the large tech companies pressing for a password-less future through the FIDO Alliance (a consortium created to reduce the over-reliance on passwords). While you may think FIDO is a just ploy to stop using your dog’s name as your password, when in fact it represents Fast IDendity Online, an alliance of over 250 technology companies.
I wanted to know more about Passkeys, so I’ve dug deeper with some insight to pass along. It is a method of confirming you are who you say you are which can be hard to do digitally and not in-person. Instead of matching a shared secret word amidst numbers and characters, it works by matching a pair of cryptographic (public and private) keys.
1) a public key that anyone can see
2) a private key that only you have access to.
The public key is shared with the server or application you are logging into. The private key stays safe inside your device. When you attempt to log in to a website or app, the server will create a one-time challenge. This is a short string of random data. Your device will take this challenge and sign it proving that it is you by using the private key which is your face scan, fingerprint, PIN or other method of how you unlock your device (phone, laptop, tablet).
This signed message is sent back to the website or app server. The server checks the signature using the public key it already has. If the signature is correct, it proves the user has the right private key without ever showing it. This process is called challenge-response. It is secure because the challenge cannot be reused and the private key stays hidden during the entire process.
It’s safer because only you have access to your private key and it’s easier because that key is bound to some device you own and usually secured with biometrics. Although you don’t need to plug in a code from a text or copy something over from an authenticator app like you do for 2-factor or multi-factor authentication, passkeys inherently use multifactor authentication. It just happens so fast that it’s easy to miss.
I tried setting up a passkey but it didn’t work. I did notice, though, that one of our banking apps now has an extremely tight time limit to enter the code from a text that was sent to my husband’s phone. I had his phone right beside my mine but as the timer counted down from 20 seconds, I only had 2 seconds left to complete the entry. My husband was asking me something at the same time and after I got in, I told him why I waited to respond.
It is recommended to only set-up a passkey whenever you come across them on your online accounts rather than attempting to change them all at once. Especially like me, where my first attempt didn’t work and my understanding of how they work isn’t completely clear yet. But I can see how companies and banks are preparing us for how to use them. The 30-minute window for the texted code to expire will soon become obsolete.
It will take a combination of education and phased implementation to make passkey adoption smoother for users and more manageable for developers. I have linked a guide below of how to set up a passkey on each type of operating system: Windows, macOS, iOS and Android and which companies now offer them.
This brings me to highlighting a need for patience in the technology journey that never ends. Rather than becoming frustrated that some new technology doesn’t work never to attempt it again, instead just take a break. Others are having the same issues as you and I can almost guarantee you will find them by entering the problem into a search.
I had paired my new phone to my vehicle. It was working by for some reason the bluetooth connection failed when I started my vehicle up this week. So, it automatically defaulted to the Sounds of Nature installed on my Media system. I tried connecting but it didn’t work and we had to be somewhere, so I turned the volume down. As I’m driving, my husband asks why we are listening to nature sounds which was displayed on the screen and he could still hear the birds chirping in the distance.
There are copious comments on vehicle user forums with thousands of views on this exact issue with people apologizing for laughing because it is such an absurd and annoying problem. A few days later, I stayed in my vehicle and figured out a setting that needed to be changed while my husband went into the hardware store.
Sometimes learning how to use technology is less about being smart and more about being patient.
What Is a Passkey? Here’s How to Set Up and Use Them (2025) | WIRED
FIDO Directory of Passkey Implementations | FIDO Alliance