Proton
Subscribe by RSS
what is a passkey?

What is a passkey?

Fergus O'Sullivan

Share this page

Passkeys are a new way to secure your online accounts using cryptographic keys instead of passwords. They offer a high level of convenience and security, and are a real game-changer in the way we access and secure sites. What is a passkey, though, and how does it work?

What are passkeys?

A passkey is a form of identification you can use to gain access to an account. Passkeys replace the need for passwords and two-factor authentication (2FA) by using your device to identify you. Since you no longer have a password to steal, passkeys protect against phishing. Passkeys are also less susceptible to brute-force attacks as they work by creating cryptographic keys. 

Passkey vs. password

The definition above probably sounds vague, so the best way to explain is by comparing passkeys to something you’re more familiar with, namely passwords. Normally, you gain access to an account by entering the credentials you gave when you created it: your username (often your email address) and password.

Not so with passkeys. When you create an account with a service that supports passkeys, your password manager generates a set of encryption keys. The next time you try to access the site, it will recognize the keys you hold and log you in without the need to enter your password.

How passkeys work

Passkeys use the principle of asymmetric or public-key cryptography. We go into more detail about this in our article on how encryption works, but the short version is that when you create a passkey, your password manager generates two mathematically connected numeric keys: one public, one private. 

The service you’re signing up for holds the public key, while you as the user hold the private one, which is stored on your password manager. When logging into the service, the public key sends a challenge to your device which can only be answered correctly by your private key, identifying you as the account owner.   

how passkeys work

The system is very secure and practically impervious to brute force attacks. To crack the kind of numbers used in public-key cryptography would take a combination of the world’s supercomputers billions of years.

Advantages of using passkeys vs. passwords

For you, the user, the whole login procedure is entirely seamless: All the above happens automatically and virtually instantly. The only real downside to using passkeys is that few sites use them at time of writing, adoption is slow as implementation can pose problems. Supporting passkeys can get very technical, and since passwords and passphrases are highly secure there’s not always a direct need to bother with it. On top of this, there are moments when using a passphrase can be more useful as they can be more easily memorized.

Even if more sites used them, another issue is that many devices don’t support passkeys. For example, Android users can only use them if they’re using Android 14, and even then only if they have enabled some specific options — read more about this in our article on enabling passkeys.

Passkeys and Proton Pass

To use passkeys, you need to use a program that can send and receive the keys that make up the passkey. For most people this will be a password manager, a program that stores and manages passwords and, more recently, passkeys. Currently, not all password managers support passkeys, across all devices,  but Proton Pass does. 

As secure as passkeys are, they do create a single point of failure: if somehow somebody gets access to your passkeys, you’re in trouble. To prevent this from happening, Proton Pass uses end-to-end encryption to make sure your passkeys are always stored safely on our servers; nobody can access them, not even us. 

On top of that, we are also platform agnostic: You can use passkeys on any site that supports them, using any of your devices as long as they are compatible. 

Add to this our acclaimed interface, and you have a convenient way to implement this modern security tool. If you’re interested in knowing more about how Proton works, create a free Proton account today or check out our guide on how you can get started using passkeys.

FAQ

Can I log in to Proton Pass with Passkeys? 

No, you can’t log into Proton Pass apps using passkeys, but with passwords or passphrases, or via biometrics.

Do passkeys mask a password?

No, they replace passwords completely as they work entirely of keypairs.

Where are passkeys stored?

An encrypted version of your private key is stored on Proton’s servers, while the public key is held by the service you have an account with.

What happens to my passkeys if my device is stolen?

Nothing, they will still be on your device, making it imperative that you secure your Proton Pass app with a PIN or biometric scan.

Protect your passwords
Creați un cont gratuit

Related articles

how to create a business email account
en
This article explains how to create a business email account that’s secure by default using Proton Mail.
A cover image for a Proton blog about how to safely share your wifi password - image shows a wifi symbol with a button saying 'share' with a key symbol
en
Is it safe to share Wi-Fi passwords in a text? Here’s how to share your Wi-Fi password easily and securely on any device, from any location.
A Proton blog cover image showing a phone screen with an empty one time password code field
en
  • Privacy guides
What is a one time password?
One time passwords are a common method for authenticating your identity – are they safe? We explain what they are and how to use them safely.
en
In response to popular demand, our privacy-first AI writing assistant Proton Scribe is now available for free on our Duo and Family plans, in nine different languages.
en
  • Privacy guides
How does Bitcoin work?
It’s easy to understand Bitcoin if you know a few simple concepts. This article explains how Bitcoin works and how to start using it.
A collection of images demonstrating the in-product experience for Proton Drive cloud storage for Business
en
  • For business
  • Product updates
  • Proton Drive
Proton Drive now offers secure cloud storage and docs editor for businesses
Proton Drive provides private and secure file sharing, document editing, and cloud storage for businesses of all sizes. Take control of your company's data.