Who doesn’t hate passwords? It’s impossible to remember unique passwords for each
account. It’s even more difficult if those passwords have a mixture of upper and lowercase
letters, numbers, and special characters.
Companies like Apple, Google, and Amazon are looking at eliminating the need for usernames and passwords (almost) altogether.
The solution is “passkeys” which use biometric information to confirm the person signing in is
the person the account belongs to. Passkeys use Face ID and fingerprints to log people into
their accounts. Passkeys are said to be more secure and easier to use than passwords.
Setting them up is not all that easy. At least I ran into a few problems with some accounts.
Here’s what you need to know:
When you sign into an account on a smartphone you may see a prompt to save the login as a
passkey. Apple saves passkeys in the iCloud so they can be used on all of the devices
connected to your account.
To set up a passkey for my Amazon account, I needed to first set up 2-factor authentication
which everyone should do on their critical accounts like shopping, banking, social media, and
email. In order to do this you must give the account your phone number so it can send you a
text message with a code to enter at sign-in. Once you’ve enabled two-factor or 2-step
authentication, you may be prompted to set up a passkey in Apple. This is fairly straightforward
when you’re prompted as Apple walks you through the steps. Much like you use Face ID to
make purchases with an Apple credit card or within iTunes, the phone will scan your face before
the transaction is approved.
You may be prompted to create the passkey by scanning a QR code which I found to be difficult
since the QR code was displayed on my phone. I logged out of my Google account on a
computer and then logged back in to get the prompt from Apple. This displayed the QR code I
needed on a second screen so I could scan it with my phone. Maybe I missed something
somewhere but this was a bit confusing. Once I completed this step, my passkey was saved to
my iCloud, and signing in to Google only required using my Face ID.
When I tried logging in to Google on a PC, I was shown a QR code on the computer screen
which I needed to scan with my phone. Most PCs are not equipped with a camera capable of
reading biometric information. Most also don’t have fingerprint scanners. But that setup was
fairly easy as long as I had my phone at hand. I used the Passkey I set up for my iTunes
account using my computer and my phone.
It was easier on a Macbook with its fingerprint scanner.
Android users (and most people in general) will want to download the Google Authenticator app
to store Passkeys on a phone. This is a free app I first used to log into my Instagram account on
a new computer. After entering my password I was prompted to add a 6-digit code from the
authenticator app on my phone.
This was a bit more difficult than I thought it should be. Once logged into Instagram on my
phone I needed to copy a backup code and paste it into the Authenticator app which would then display the 6-digit code I needed to input into the Instagram sign-in page. The 6-digit codes are regenerated every 30 seconds. I used this format for both Instagram and Amazon sign-ins.
The good news is once you are signed in on the device or computer you won’t have to use the
passkey again until you’ve signed out.
Are passkeys easier to use? I think they will be eventually but getting them set up at the
beginning is a chore, if not confusing and frustrating. They eliminate the need to receive a text
message with a sign-in code that you must enter into any account using 2-factor authentication.
It’s a step in the right direction for now. 75 companies are now supporting passkeys and more
are coming on board every week.