Since the beginning of the Internet, passwords have been synonymous with online security. So much so that it might seem strange to imagine accessing your online accounts without one. But that’s set to change with the growing technological innovation making it easier and safer to sign in across the Internet — passkeys.
This passwordless authentication method means you won’t have to worry about forgetting your password ever again. You can enhance your online security simply by linking your device and using a fingerprint, face scan, or another screen lock authentication method.
Still unsure about passkeys and how to use them? Learn more about how this technical innovation works, what makes it a great alternative to passwords, and how to get yours set up.
Passkeys explained
Passkeys are encrypted digital keys stored on your device that enable easy and safe access to online accounts. Central to understanding passkeys is public key cryptography, the same technology that underpins SSL certificates. Passkeys work in the same way. They consist of key pairs — a private key stored on your device and a corresponding public key stored on the website or online service. Without the right key pair, logging into an account is impossible.
If you opt to use passkeys at login, you won’t need to enter a username or password when accessing an online account. Simply select the option to sign in with a passkey, and the online service will check the passkey saved to your device and prompt you to complete the associated passkey’s authentication method, such as biometric or pin. If you have concerns about passkeys and biometrics, don’t worry — this biometric information is not stored by the service or site associated with the passkey. It does not leave your device.
Because a passkey is associated with a trusted device, sometimes you may have multiple passkeys for one account. For example, one for your laptop and one for your mobile. Crucially, the same one is never used for more than one site, which is what makes passkeys safe.
Why passkey?
The two key benefits of using passkeys are safety and simplicity. It can’t be understated just how hackerproof they are. When it comes to passkeys vs passwords, passkeys are the clear winner.
Passwords may be the default means of accessing online accounts right now, but they can be highly vulnerable. If you’re not practicing good password hygiene — using unique, long, complex passwords for each of your accounts — you’re at risk of brute force attacks. And even if you are, passwords can be stolen in other insidious ways, such as social engineering. There’s a reason why phishing is one of the top security threats to small businesses.
When it comes to passkeys and security, there’s no need to worry. Passkeys virtually eliminate the threat of phishing and other account takeover methods. There are multiple reasons for this:
- Encryption makes passkeys impossible to hack
- Passkeys can’t be stolen or copied
- Even if your device is stolen, thieves can’t access services without the correct screen lock authentication
- You’ll never need to remember, reset, or come up with strong passwords, so there’s no chance of human error
Essentially, passkeys make account access more accessible and more secure than ever. What’s not to love about that?
Setting up and using your passkey
Getting passkeys set up is largely the same across websites and services, though there may be some minor differences depending on your browser and operating system. You will also need to meet certain hardware and software requirements to create a passkey:
- Devices – You can only add passkeys on desktops or laptops that support Windows 10, macOS Ventura, or ChromeOS 109 upwards.
- Browsers – you’ll need to use Chrome 109, Safari 16, or Edge 109 upwards.
- Other requirements – enabling bluetooth, screen lock, enabling iCloud Keychain on iOS and macOS.
If you meet these requirements, you can start creating your passkey. The process is fast and doesn’t take more than a few moments. Simply head to the service or site you want to create a passkey on (for Spaceship, that’s the Security Center app of your launchpad after you’ve logged in). Then, start the passkey creation process.
You’ll be prompted to choose a means of authentication:
- Screen lock – pin code, face ID, touch ID, or some other type of biometric authentication.
- Hardware key – A physical security key that plugs into your device and unlocks with a pin.
You can also choose to save the passkey to your password manager rather than your device. This way, the passkey is available across devices with the password manager installed. Not all password managers support passkeys yet, so be sure to check whether one does before committing to a service.
Another alternative method if you already have a passkey on a mobile device is scanning a QR code to log into an account on another device.
Choose a simpler and safer way to sign in
If you already have a Spaceship account, you can switch to passkeys in the Security Centre app of your Launchpad. If you’re not with Spaceship yet, you can choose passkeys when you sign up. And no worries if you’re not ready to make the change yet. You can still log in with usernames, passwords, and two-factor authentication (2FA).
Check out our security page to find out what else Spaceship is doing to make its platform as secure as possible.
Share your thoughts