Passkeys are a “new” (2020) form of authentication to simplify user experience and increase security for authentication workflows. Passkeys are built on top of the WebAuthn standard, a well-established (more than three years) web protocol that enables passwordless authentication. WebAuthn is a part of the FIDO2 (Fast IDentity Online) project, which aims to make the internet more secure by reducing the reliance on passwords and promoting the use of stronger authentication mechanisms.
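
    // Ask the browser to create a new passkey (WebAuthn registration ceremony).
    const credential = (await navigator.credentials.create({
      publicKey: {
        // Demo placeholder: in production the challenge is random bytes issued by the server.
        challenge: new Uint8Array(16),
        rp: {
          name: "Passkeys.is",
        },
        user: {
          // Demo placeholder: in production this is a stable, opaque per-user handle.
          id: new Uint8Array(16),
          name: "demo@localhost",
          displayName: "Display Name",
        },
        pubKeyCredParams: [
          {
            type: "public-key",
            alg: -7, // COSE algorithm identifier for ES256
          },
        ],
        timeout: 60000, // milliseconds
        attestation: "direct",
      },
    })) as PublicKeyCredential;
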
One of the key benefits of Passkeys is the elimination of the need for traditional passwords. This reduces the risks associated with password reuse, phishing, and brute-force attacks. With Passkeys, users can securely authenticate using Face ID, Touch ID, or a security key (like a YubiKey), which provides a more seamless and convenient experience. Within the Apple ecosystem, Passkeys are stored in iCloud Keychain, ensuring synchronization across devices and platforms, and offering users a consistent experience without the hassle of remembering multiple passwords.
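
The phishing resistance mentioned above depends on the server checking the clientDataJSON that the browser returns from navigator.credentials.create(). The sketch below is an added example, not code from the original page; it covers only those checks (not attestation or signature verification), and EXPECTED_ORIGIN, checkClientData, sampleClientData and the sample bytes are assumptions constructed for illustration.

```javascript
// Added example: relying-party checks on clientDataJSON after credentials.create().
// EXPECTED_ORIGIN and all sample values below are constructed for illustration.
const EXPECTED_ORIGIN = "https://passkeys.example";

// Returns null when the client data is acceptable, otherwise the reason it is rejected.
function checkClientData(clientDataJSON, issuedChallenge, expectedType = "webauthn.create") {
  let data;
  try {
    data = JSON.parse(Buffer.from(clientDataJSON).toString("utf8"));
  } catch {
    return "clientDataJSON is not valid JSON";
  }
  if (data === null || typeof data !== "object") return "clientDataJSON is not an object";
  // A registration response must not be accepted as a login, or the reverse.
  if (data.type !== expectedType) return "unexpected ceremony type";
  // The challenge echoes, base64url-encoded, the bytes the server issued for this ceremony.
  if (typeof data.challenge !== "string") return "challenge missing";
  if (!Buffer.from(data.challenge, "base64url").equals(Buffer.from(issuedChallenge))) {
    return "challenge mismatch";
  }
  // The browser, not the page script, fills in the origin, so a look-alike site shows up here.
  if (data.origin !== EXPECTED_ORIGIN) return "origin mismatch";
  return null;
}

// Builds the bytes a browser would return (constructed sample, not captured traffic).
function sampleClientData(challenge, origin, type = "webauthn.create") {
  const challengeB64 = Buffer.from(challenge).toString("base64url");
  return Buffer.from(JSON.stringify({ type, challenge: challengeB64, origin, crossOrigin: false }));
}

// Constructed 16-byte challenge; a real server draws fresh random bytes per ceremony.
const issued = Uint8Array.from([7, 33, 150, 4, 91, 18, 250, 66, 13, 77, 201, 5, 120, 44, 9, 255]);
// The all-zero placeholder used in the demo call, standing in for a stale or guessed value.
const stale = new Uint8Array(16);

console.log(checkClientData(sampleClientData(issued, EXPECTED_ORIGIN), issued));
console.log(checkClientData(sampleClientData(issued, "https://passkeys.example.evil.test"), issued));
console.log(checkClientData(sampleClientData(stale, EXPECTED_ORIGIN), issued));
```
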