Apple Wants Passkeys to Replace Passwords: Here's Where You Can Try Them Out Now With iOS 16

Apple is on a mission to get rid of traditional passwords for good, and a step towards that future is something called "Passkeys." Passkeys aim to entirely replace passwords in both apps and on the web and instead use either your finger or face as the password.

Passkey Feature Triad
Passkeys are part of iOS 16 and macOS Ventura but also work on non-Apple devices and platforms such as Android and Windows. Apple's goal with Passkeys is to eliminate the need for users to ever type out, remember, or use a password again.

There are two scenarios for Passkeys: when you're using an Apple device and when you're on a Windows or Android device.

On an Apple Device

apple passkey
When you go to a website on your iPhone or iPad running ‌iOS 16‌ or a Mac on ‌macOS Ventura‌ that supports Passkeys, the website will not prompt you to enter a password as you may expect it to. Instead, you'll simply be asked to authenticate with Touch ID or Face ID.

On a Windows or Android Device

passkeys ios 16 2
On non-Apple devices, when you go to a website that supports Passkeys, you'll be asked to scan a QR code with your ‌iPhone‌ and then proceed to use ‌Touch ID‌ or ‌Face ID‌ as your actual password.

Passkeys will be more widely supported by apps and websites when ‌iOS 16‌ and ‌macOS Ventura‌ are released to all users this fall, but there are already some websites that support Passkeys. Here are just a few apps and websites that are starting to roll out support:

  • eBay
  • Best Buy
  • Cloudflare
  • Microsoft
  • Nvidia
  • PayPal
  • Carnival

ios 16 passkeys websites
In an interview earlier this month, Apple's director of platform product marketing Kurt Knight said, "This isn't a future dream to replace passwords. This is something that's going to be a road to completely replace passwords, and it's starting now."

Passkeys is just one of several new changes and features coming to ‌iOS 16‌ and ‌macOS Ventura‌ which you can learn about in our respective roundups.

Related Roundups: iOS 16, iPadOS 16, macOS Ventura
Related Forums: iOS 16, macOS Ventura

Top Rated Comments

EmotionalSnow Avatar
8 weeks ago

That is just a cheap trick be Apple to make it more difficult to leave the Apple ecosystem and switch to Android, as long as you still need an iPhone in order for your Passkey to work on a Windows device. Hacking a good password is virtually impossible. Even if you only use nunbers and lowercase letters, there are 36 combinations for each letter of the password. So to more letters already makes it 1000 times more diffictult to hack.

Hacks usually happen at the server level and not at the user level. When millions of passwords for Ebay or Yahoo were hacked, Passkey would not have prevented that.
Sure, passkeys cannot prevent a database from being accessed by an attacker. The important difference is that when passkeys are leaked your account is not compromised because unlike passwords they use asymmetric cryptography and are also unique to every website.

Please do not spread misinformation about passkeys if you do not have a clue what you are talking about ...
Score: 36 Votes (Like | Disagree)
ProfessionalFan Avatar
8 weeks ago
This sounds really good and a nice evolution on passwords.


That is just a cheap trick be Apple to make it more difficult to leave the Apple ecosystem
This is the standard reply when Apple introduces something new.

When it’s a feature Android already had (even if worse), the common reply is “iNnOVAtion”.
Score: 25 Votes (Like | Disagree)
BootsWalking Avatar
8 weeks ago
For those asking how this works, here's a simplified explanation based on my understanding from reading and watching the online resources about it.

To register on a new site, say widget.com
[LIST=1]
* You go widget.com and navigate to its new-account creation page
* Type in what you want your username to be and then click "create account"
* Your phone will bring up a system sheet confirming you want to create a credential for widget.com. After you confirm, the phone will create a site-specific credential token (called "passkey" in FIDO parlance), the security of which is based on public-key encryption.
* The phone will store the token and private-key portion of the token on your iCloud Keychain. It will share the public-key portion of the token with widget.com so it can save it on their server.

Whenever you visit widget.com in the future, Safari will know you have a saved credential for the site and will confirm you'd like to login, similar to how it works today for traditional passwords saved in your keychain, including you proving you have rightful access to your keychain (Face ID, passkey, etc...). But instead of a password, Safari will present the passkey (token) to the site (which it already has stored on their server to compare), then verify you're the rightful owner of the token by proving to the site that your phone has the private key associated with the token (challenge/response).

This is an improvement over passwords because there is no password to be stored on a server or presented for each site, which reduces the attack surface of your credentials. It also solves the problem of weak user passwords, or users reusing their password across multiple sites.
Score: 24 Votes (Like | Disagree)
ashdelacroix Avatar
8 weeks ago
I said at the time that this was the biggest announcement at the keynote, and I still believe that.

This will totally change how we authenticate online.
Score: 23 Votes (Like | Disagree)
tomnavratil Avatar
8 weeks ago

That is just a cheap trick be Apple to make it more difficult to leave the Apple ecosystem and switch to Android, as long as you still need an iPhone in order for your Passkey to work on a Windows device. Hacking a good password is virtually impossible. Even if you only use nunbers and lowercase letters, there are 36 combinations for each letter of the password. So to more letters already makes it 1000 times more diffictult to hack.

Hacks usually happen at the server level and not at the user level. When millions of passwords for Ebay or Yahoo were hacked, Passkey would not have prevented that.
Actually, the passkeys will utilize an open standard so they can be migrated between systems AFAIK. Also, passkeys or even passphrases are often more suitable options to stronger passwords - the latest NIST recommendations and guidelines are a good read on the matter.

These days, obtaining password via phishing is much more common compared to larger password leaks from companies. Personal data is leaked more often, certainly, passwords, not that much.
Score: 23 Votes (Like | Disagree)
MacknTosh Avatar
8 weeks ago
So I’ve no idea how these work. Sounds great if you are using your own device. But what happens if you left your phone at home, and want to log on to, e.g. internet banking on a friend’s PC. Will it just be impossible? Or you’re on holiday and lose your phone, are you locked out of everything until you get your phone replaced when back home?
Score: 18 Votes (Like | Disagree)

Related Stories

plex

Plex Asks Users to Reset Passwords Following Data Breach

Wednesday August 24, 2022 2:03 am PDT by
Popular media platform Plex has asked users to change their passwords "out of an abundance of caution" after it found a third-party had gained access to one of its internal systems. In a message to all users, Plex said that after discovering "suspicious activity" on one of its databases on Tuesday, the company ascertained that a hacker had been able to access "a limited subset of data"...
1password 8 for mac

1Password 8 for Mac Released With New Design and Features

Tuesday May 3, 2022 7:12 am PDT by
AgileBits today announced the release of 1Password 8 for Mac with a redesigned interface and several new features. The popular password manager has been redesigned to better match the look of macOS Monterey, from the sidebar and unified toolbar to the typography and iconography. The new design language extends to 1Password for Safari on the Mac. 1Password 8 improves productivity with a...
icloud windows strong password

iCloud Passwords for Windows Gains 2FA Code Generator

Tuesday July 26, 2022 4:46 am PDT by
The iCloud Keychain password manager in Apple's iCloud for Windows app now supports two-factor authentication codes, according to user reports posted on Reddit. Two-factor authentication, or 2FA, acts as an additional layer of security for online accounts, by requesting a code generated by a password manager when the account owner logs in. Apple includes support for the generation of 2FA...
1password deal blue

Deals: 1Password Offering 50% Off First Year of Individual and Family Plans

Friday May 20, 2022 6:46 am PDT by
1Password has introduced a new deal this week, offering 50 percent off the first year of both its individual and family plans. Like previous offers, this sale is available for new 1Password subscribers only, and it does not require a coupon code. Note: MacRumors is an affiliate partner with 1Password. When you click a link and make a purchase, we may receive a small payment, which helps us...
Copy of 1Password 8 for mobile Collection View for Home iOS Collection View for Home Android

1Password 8 for iOS and Android Released With New Design and Features

Tuesday August 9, 2022 6:00 am PDT by
AgileBits today announced the release of 1Password 8 for iOS and Android, completing the rollout of the new version and bringing parity to the desktop and mobile apps. 1Password 8 for mobile takes into account customer feedback gathered during the early access launches earlier this year, and includes a new customizable home screen. Users can personalize the home screen in several ways, ...
safari edit strong password

macOS Ventura and iOS 16 Let You Edit Suggested Passwords for Site-Specific Requirements

Tuesday June 7, 2022 1:00 pm PDT by
Apple's Safari browser has a built-in password suggestion feature across iOS and macOS, and with iOS 16, iPadOS 16, and macOS Ventura, it's getting more convenient than ever. Across these platforms, there is now an option to edit a strong password that is suggested by Apple, which allows it to be tailored to site specific requirements. Websites sometimes have password creation requirements...
half off 1pass 2

Deals Exclusive: Get Your First Year of the 1Password Individual Plan for 50% Off

Wednesday February 16, 2022 10:36 am PST by
We've partnered with 1Password again this month, this time offering our readers a chance to get 50 percent off their first year of 1Password for Individuals. This offer is available to new customers only, and it doesn't require a coupon code. Note: MacRumors is an affiliate partner with 1Password. When you click a link and make a purchase, we may receive a small payment, which helps us keep...
passkeys ios 16 1

Apple Aiming to Replace Passwords With New Passkey Feature

Wednesday June 8, 2022 9:57 am PDT by
Apple in iOS 16, iPadOS 16, tvOS 16, and macOS Ventura is introducing a new "Passkeys" feature that replaces traditional passwords when signing into a website or an app. Passkeys are more secure than passwords, and protect users from phishing, malware, and other attacks aimed at gaining account access. According to Apple, Passkeys are next-generation credentials that are safer and easier to...

Popular Stories

USB C Over Lightning Feature

EU Passes Law to Switch iPhone to USB-C by End of 2024

Tuesday October 4, 2022 3:30 am PDT by
The European Parliament today voted overwhelmingly in favor of enforcing USB-C as a common charging port across a wide range of consumer electronic devices, including the iPhone and AirPods, by the end of 2024. The proposal, known as a directive, forces all consumer electronics manufacturers who sell their products in Europe to ensure that a wide range of devices feature a USB-C port. This...
General iOS 16 Feature Yellow

10 New iOS 16 Features Coming Later This Year

Monday October 3, 2022 2:41 pm PDT by
iOS 16 was released to the public three weeks ago with a customizable Lock Screen, the ability to edit iMessages, improvements to Focus modes, and much more. And in the coming months, iPhone and iPad users have even more new features to look forward to. We've rounded up 10 new features coming to the iPhone and iPad later this year, according to Apple. Many of the features are part of iOS...
magsafe charger orange

Apple Releases New MagSafe Charger Firmware

Tuesday October 4, 2022 12:09 pm PDT by
Apple today released updated firmware for the MagSafe Charger that is designed to work with the iPhone 12 and later and the AirPods Pro 2. The new firmware is version 10M1821, up from the prior 10M229 firmware. Note that in the Settings app, you'll see a different version number than the firmware number, with the update displayed as version 255.0.0.0 (the prior firmware was 247.0.0.0). The...
maxresdefault

Video: AirPods Pro 2 vs. Bose QuietComfort II

Monday October 3, 2022 12:50 pm PDT by
Apple on September 23 officially launched the second-generation version of the AirPods Pro, introducing updated Active Noise Cancellation, Adaptive Transparency, improved sound, and more. Right around the same time, Bose introduced new QuietComfort II earbuds with many similar features, so we thought we'd compare the two to see which has the edge. Subscribe to the MacRumors YouTube channel for ...
iOS 16

Apple Preparing iOS 16.0.3 With More Bug Fixes Following iPhone 14 Launch

Monday October 3, 2022 7:53 am PDT by
iOS 16.0.2 was released last month with several bug fixes for iPhone 14 issues, excessive copy and paste permission prompts, and more. Now, evidence suggests that Apple is planning to release iOS 16.0.3 with additional bug fixes. Evidence of an upcoming iOS 16.0.3 software update has shown up in MacRumors analytics logs, which have been a reliable indicator in the past. There are several...
ipad pro m1 feature

Gurman: Apple Event This October Remains Unlikely, No Touch ID for iPhone 15

Sunday October 2, 2022 6:41 am PDT by
Apple is developing new iPad Pro, Mac, and Apple TV models, and at least some of these products will be released in October, according to Bloomberg's Mark Gurman. However, Gurman continues to believe that Apple is unlikely to hold an event this month. In the latest edition of his Power On newsletter, Gurman said "the big iPhone 14 unveiling last month was probably it for Apple in 2022 in...
General YouTube Feature 1

You May Soon Need to Be a YouTube Premium Subscriber to Watch 4K Videos

Monday October 3, 2022 4:29 am PDT by
YouTube may make watching videos in 4K quality on the platform exclusive to only YouTube Premium subscribers, according to screenshots posted by users on Twitter and Reddit. On Reddit (1,2) and Twitter, some users have started to recently notice that on iOS, and presumably across other platforms also, YouTube is now saying that in order to watch videos in 4K, the user must be a paying...
Apple SIM Card

Apple SIM No Longer Available for Activating New Cellular Data Plans on iPads

Sunday October 2, 2022 8:04 am PDT by
As of October 1, Apple SIM is no longer available for activating new cellular data plans on supported iPad models, according to an Apple support document. Introduced in 2014, the Apple SIM was designed to allow iPad users to activate cellular data plans from multiple carriers around the world. Initially, the Apple SIM was a physical nano-SIM card, but it was embedded inside later iPad Pro...