Cyber threats are on the rise, traditional passwords are proving to be increasingly inadequate. Passwords have been around for a long time, but they’re not always safe or easy to use. That’s where passkeys come in. Passkeys are a new way to log into your online accounts without using a password at all.
What Are Passkeys?
Passkeys are a modern authentication method designed to replace passwords. Unlike passwords, which can be easily guessed, phished, or re-used across multiple sites, passkeys offer a more secure and user-friendly alternative. They are generated securely, unique for each website, and cannot be phished.
Major tech companies are already pushing for the adoption of passkeys. Google has urged Gmail users to upgrade their accounts to use passkeys, as has WhatsApp, highlighting the urgency of moving away from outdated sign-in methods. Microsoft has also taken significant steps to promote passkeys, celebrating the first ‘World Passkey Day’ and committing to increasing their implementation.
The Benefits of Passkeys
Passkeys are inherently more secure than passwords. They eliminate the risk of phishing and reduce the chances of unauthorised access to your accounts. According to the National Cyber Security Centre (NCSC), passkeys solve many of the security problems associated with passwords:
Convenience: Signing in with passkeys is faster and easier. Microsoft reports that passkey sign-ins take only 8 seconds on average, compared to 69 seconds for traditional password and second-factor authentication. This means less time spent on login screens and more time enjoying your online activities.
Reduced Password Fatigue: With passkeys, you no longer need to remember complex passwords or worry about forgetting them. This reduces the cognitive load on users and minimises the frustration associated with password management
How Passwords and Passkeys Compare
|
Feature |
Passwords |
Passkeys |
|
What you use |
A word or phrase you type |
Your device + fingerprint, face, or PIN |
|
How you log in |
Type the password each time |
Tap, scan, or enter a short PIN |
|
Can be stolen? |
Yes – in phishing or data leaks |
No – stays securely on your device |
|
Reused across sites? |
Often (which is risky) |
No – each passkey is unique |
|
Can be guessed? |
Yes – especially weak or common ones |
No – uses strong cryptographic keys |
|
Forgotten easily? |
Yes |
No – you don’t need to remember anything |
|
Need regular changing? |
Yes – recommended for safety |
No – there’s nothing to change |
|
Protected from phishing? |
❌ No |
✅ Yes |
|
Ease of use |
❌ Not really |
✅ Much easier and faster |
How You Can Start Using Passkeys
- Turn on passkeys in services that support them—like Google, Microsoft, and Apple.
- Add multiple devices, so you don’t get locked out if one is lost.
- Use a password manager that supports passkeys to keep them synced and backed up.