We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Passkey confusion
Options

Monanore
Posts: 82 Forumite

in Techie Stuff
Looks like they're going to make our life even more difficult. Apparently I won't have a password, but an ID tied to a specific device. It can be a PIN. But I can only use it on one device ! Or I'd have to set up syncing or some such nonsense which I don't understand. So, suppose I want to do an important transaction on my laptop and the laptop isn't working. I'm stuffed !
0
Comments
-
Can you be more specific? Who is "they"? Don't think you are quite understanding how passkeys work but tell us which service you are referring to and we might be able to help.
I'm not aware of any of the major (or any other) service that is insisting that their users switch to passkeys exclusively. they all have more traditional (and less secure) access methods available.2 -
Monanore said:Looks like they're going to make our life even more difficult. Apparently I won't have a password, but an ID tied to a specific device. It can be a PIN. But I can only use it on one device ! Or I'd have to set up syncing or some such nonsense which I don't understand. So, suppose I want to do an important transaction on my laptop and the laptop isn't working. I'm stuffed !
For most its a convenience and with all you can fall back to using a password etc if your laptop isnt working and you haven't figured out syncing0 -
Passkeys are an alternative, potentially more secure alternative to logging in with passwords which can be keylogged etc., but they don't replace passwords so you can always login from a new device. NB If you are really concerned about security, the passkey is stored in a USB device such as a Yubikey that is portable between devices.
Say Goodbye to Passwords: Passkeys Explained Simply0 -
Monanore said:Looks like they're going to make our life even more difficult. Apparently I won't have a password, but an ID tied to a specific device. It can be a PIN. But I can only use it on one device ! Or I'd have to set up syncing or some such nonsense which I don't understand. So, suppose I want to do an important transaction on my laptop and the laptop isn't working. I'm stuffed !
If your laptop wasn't working then you wouldn't be able to use it whether you had a password or passkey.
The point with a passkey is you have two things, a device and a key. So even if someone gets your key then it won't work without the device and vice versa. The Key can be biometric, a password or a device like a Yubikey.
If you want to log in elsewhere then the passkey prompt will still appear on the device.
For example, if your phone and fingerprint form the passkey. Suppose you want to log in on a tablet. The tablet will display a QR code, you scan that with your phone authorise the login with you fingerprint and that logs you in on the tablet. Mich more secure and easier to use than a password.0 -
- The Key can be biometric, a password... -
I think you're conflating 2FA techniques in general and passkeys, the later are based on public key cryptography0 -
Sorry, I was annoyed at reading about passkeys for the first time so I wasn't clear. It seems that when they are brought in, and tied to a specific device you would not be able to access the same website on a different device. You would have to set up different passkeys for each website on each device, or get more technical and start getting syncing set up, all wrapped up in Google or whatever - it's all so confusing. A lot of inconvenience for those who understand and a nightmare for those who don't.And, mark my words, when it's made compulsory ( and it will be ), the scammers will be ahead of it and turn it to their advantage - just like they have done recently with Captcha. Me? Cynical?
0 -
PHK said:Monanore said:Looks like they're going to make our life even more difficult. Apparently I won't have a password, but an ID tied to a specific device. It can be a PIN. But I can only use it on one device ! Or I'd have to set up syncing or some such nonsense which I don't understand. So, suppose I want to do an important transaction on my laptop and the laptop isn't working. I'm stuffed !
If your laptop wasn't working then you wouldn't be able to use it whether you had a password or passkey.
The point with a passkey is you have two things, a device and a key. So even if someone gets your key then it won't work without the device and vice versa. The Key can be biometric, a password or a device like a Yubikey.
If you want to log in elsewhere then the passkey prompt will still appear on the device.
For example, if your phone and fingerprint form the passkey. Suppose you want to log in on a tablet. The tablet will display a QR code, you scan that with your phone authorise the login with you fingerprint and that logs you in on the tablet. Mich more secure and easier to use than a password.0 -
- What happens if your phone is lost or stolen?-
You login with your credentials, satisfy the 2FA with the backup method and regenerate the passkey to store on your new phone.1 -
Vitor said:- The Key can be biometric, a password... -
I think you're conflating 2FA techniques in general and passkeys, the later are based on public key cryptography0 -
It’s actually the public key cryptography that defines a passkey, not the device unlock method. The PIN or biometric simply authorises the device to use the private key securely stored on it. This distinction is important, because it’s what makes passkeys resistant to phishing and different from typical two-factor authentication.0
Confirm your email address to Create Threads and Reply

Categories
- All Categories
- 351.1K Banking & Borrowing
- 253.2K Reduce Debt & Boost Income
- 453.6K Spending & Discounts
- 244.1K Work, Benefits & Business
- 599.1K Mortgages, Homes & Bills
- 177K Life & Family
- 257.5K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards