When Apple introduced passkeys, its implementation of FIDO Alliance’s password-less secure authentication technology, the company did it in the most Apple way possible. It made an icon and printed a very on Apple brand-looking “Passkeys” next to it, complete in the San Francisco font. And if you’ve watched only part of the WWDC presentation on Apple’s passkeys, it’s possible to assume passkeys are an exclusive feature of Apple’s iCloud Keychain. Just a reminder: it’s not.
The term “passkey” will also be used by major players Microsoft and Google. It’s used as a common noun and can be pluralized or singular, for instance: “you should set a passkey for your banking app.” In other words, treat the word “passkey” as you would treat the word “password”. Passkeys work by letting you log in to an app or website with just your username and your pre-authenticated device — which uses a cryptographic token instead of a password and text message code that could get phished or otherwise compromised.
Apple’s software engineering manager Ricky Mondello started a Twitter thread yesterday to promote the new technology and to clarify what it means. Microsoft’s VP of identity Alex Simons chimed in the thread and confirmed that Microsoft will also be adopting the name. All involved parties seem to be committed to spreading awareness of passkeys, and thus far none are trying to claim it as their own.
We will definitely be using the “passkey” term in our products and services. Will take some time to build awareness/understanding, but we’re all committed to making the needed investments.
— Alex Simons (@Alex_A_Simons) August 4, 2022
“Passkey” is certainly an easier to digest name compared to “FIDO authentication,” which could be really confusing when used verbally — like is this where I want to enter the name of my first pet? But seriously, if you’ve ever had to explain to the common person what two-factor authentication was, and it took longer than five minutes, imagine teaching them what FIDO authentication is.
In order for the technology to succeed, it needs that marketing push, and what better way to get the word out there than to let Apple take the helm. If Apple was really trying to trick people into thinking that passkeys are an Apple-only technology it probably would have been branded Apple PassKeys.
If you’re on the developer betas for macOS or iOS, you can start using passkeys now where available. Google plans to open the developer tools needed to implement passkeys on Android “towards the end of 2022”. And Microsoft currently supports passkeys on the web using Windows Hello, and will support logging into a MS account using passkeys from an iOS or Android device “in the near future”.