Main section
Passkeys: password-free login
Passkeys not only make the login process simpler and more convenient for users, they also provide greater security. How does this technology work?
Passkeys: How does the password-free login work?
More and more often, passwords are no longer being required to log in to various online services. ‘Passkeys’, as they are known, enable both the login and authentication of the user. But how does this technology work and how secure is it? An overview.

What is a passkey?
Ein Passkey ist ein digitaler Berechtigungsnachweis für Online-Dienste. Er ermöglicht sowohl das Login als auch die Authentifizierung eines Nutzers, ohne ein Passwort und zum Beispiel einen SMS-Code eingeben zu müssen.
How does logging in with a passkey work?
In a nutshell: if the user wants to log in to an online service, their device will suggest the saved passkey for authentication. To confirm the login request, all they have to do is unlock their linked device, for example using a fingerprint sensor or facial recognition. This proves that they have access to the relevant passkey.
Passkeys vs passwords: a comparison in numbers
Passkeys: quicker, simpler and more secure
Passkeys are considered a simpler and more secure login method than passwords. But why is this the case?
Logging in using a passkey is simpler and more convenient for users, as there is no need for an additional second factor. Instead, they can authenticate themselves using a fingerprint sensor, facial recognition or a PIN. The private key is therefore the first factor and the fingerprint, for example, the second. Passkeys are also standardised. This means that they only have to be set up once and can then be used on all devices.
Passkeys are also a better alternative when it comes to security: instead of a password, only a public key is stored on the server. This makes it a much less interesting proposition for attackers who might want to hack into such servers. In addition, passkeys only work for registered websites and apps. The browser or operating system performs the check and thus protects users from phishing attacks.
A passkey is a secure, user-friendly digital verification that uses public key cryptography to replace passwords and additional second factors.
.png)
How exactly do passkeys work?
Passkeys are based on the principle of asymmetric encryption. A private key is stored on your mobile phone. You can visualise this as a long, randomly generated string of characters. Unlike a password, this is never shared with the linked online service. If you now want to log in to an online service, a login request is sent to your device. This signs the request with your private key and sends the request back to the online service for verification. Access to the private key is secured by means of a fingerprint, for example. The server then uses the public key to check whether the correct private key has been used and, if so, confirms the login request.
The advantages of passkeys summarised
- Protection against phishing
- Reduction of data security breaches
- More user-friendly login
Conclusion
Entering passwords is a thing of the past! Passkeys not only make the login process simpler and more convenient for users, they also provide greater security. The password-free login process is already supported by major providers such as Amazon and Google. In the near future, they will be joined by many more online services and passkeys will slowly but surely become the login standard.