Apple Is Trying to Kill Passwords With Passkeys Using Touch ID and Face ID

At WWDC 2022, Apple debuts its version of passkeys in MacOS Ventura and iOS 16, saying they can't be phished or hacked. Google and Microsoft also are on board.

David Lumb Mobile Reporter
David Lumb is a mobile reporter covering how on-the-go gadgets like phones, tablets and smartwatches change our lives. Over the last decade, he's reviewed phones for TechRadar as well as covered tech, gaming, and culture for Engadget, Popular Mechanics, NBC Asian America, Increment, Fast Company and others. As a true Californian, he lives for coffee, beaches and burritos.
Expertise Smartphones | Smartwatches | Tablets | Telecom industry | Mobile semiconductors | Mobile gaming
David Lumb
2 min read
A MacBook screen with a security sign-in window that prompts the user to log in with Touch ID.

Passkeys could replace passwords: They're protected behind biometric authentication and can't be hacked or phished, according to Apple.


Apple on Monday showed off a new replacement for passwords coming in Safari and iOS. Called passkeys, it's designed to use Face ID and Touch ID biometric authentication on your phone or computer for your account logins.

Apple revealed its version of passkeys at WWDC 2022 as a new authentication feature in MacOS Ventura and iOS 16 coming later this year, but Google and Microsoft helped develop the technology through the FIDO Alliance standards group, which announced passkeys in May.

Passkeys are unique digital codes generated for websites you visit in Safari or apps on your iPhone. Instead of typing a password, you log on by selecting a passkey and approving logon with Face ID or Touch ID. Since they aren't stored on web servers, passkeys can't be hacked or leaked, and because they're locked to the true website or app, users can't be tricked or phished into sharing them like passwords. Apple says that makes them stronger than two-factor authentication.

In addition, passkeys are securely synced across Mac, iPhone, iPad and Apple TV devices using iCloud Keychain with end-to-end encryption, according to Apple. You'll also be able to sign in to websites and apps on non-Apple devices using your iPhone by scanning a QR code using your iPhone's camera to authenticate with Passkeys. Google demonstrated the same passkey approach at Google I/O in May.

Apple and dozens of tech companies developed passkeys through the FIDO Alliance, a standards group that's worked for years to get companies to move beyond passwords. Google plans to introduce support for passkeys in Chrome and Android later this year so developers get start adapting websites and apps for the technology, and Microsoft plans passkey support in Windows in coming months.