macOS Ventura (and iOS 16 and iPadOS 16) introduces Passkeys, a replacement for passwords that are, in the tech giant’s words, “designed to provide websites and apps a password-less sign-in experience that is both more convenient and more secure.”
Passkeys are a new industry standard created by the FIDO Alliance and the World Wide Web Consortium that replace passwords with cryptographic key pairs, offering customers a simple and secure way to log in to PayPal based on technology that is resistant to phishing and designed so that there is no shared passkey data between platforms.
At this summer’s Worldwide Developer Conference, Apple announced Passkeys (with a capital “P”). The tech giant says that Passkeys are a standard-based technology that, unlike passwords, are resistant to phishing, are always strong, and are designed so that there are no shared secrets. They’re designed to simplify account registration for apps and websites, are easy to use, and work across all of your Apple devices, and even non-Apple devices within physical proximity. Users can use Face ID and Touch ID to authenticate their account.
Passkeys are end-to-end encrypted and sync across your Apple devices through the iCloud Keychain. Passkeys work by using your Mac or iPhone’s Face ID/Touch ID sensors to securely verify your identity, then, for example, log you in to a website.
This means whenever you’re prompted to create a new account online, instead of using the stand “email and password” set-up, you can create a Passkey instead of the password. When you log back into the account you’ll be prompted to verify your identity via Face ID or Touch ID.
How to turn on iCloud Keychain in macOS Ventura
° Choose Apple menu > System Settings (or System Preferences).
° Click your name, then click iCloud. In earlier versions of macOS, click Apple ID, then click iCloud in the sidebar.
° Turn on Password & Keychain.
Note that if/when you turn off iCloud Keychain, password, passkey, and credit card information is stored locally on your device. If you sign out of iCloud on that device while Keychain is turned on, you’re asked to keep or delete that information.
Setting Up Apple Passkeys
When you first access an app or website (and they’re not exactly abundant yet) supporting the FIDO Standard, you’ll be asked to register or set up an account.
° Tap the button.
° Enter your login information (a username, an email address, or an Apple ID).
° A prompt will be ask you to authenticate using Touch or Face ID. Now your passkeys will be created.
° A notification or prompt will ask if you wish to sign in using the saved passkey on your device the next time you sign in to the website or app.
° Click Continue.
Now your Mac, iPhone, and iPad will require your biometrics (Face ID or Touch ID) for authentication once you go to the website or use the app.
Note that, per Apple, Passkeys are only stored locally on your Mac and not on a server. This should add another level of security.