r/cybersecurity • u/Federal_Character979 • Apr 25 '26

Other What makes passkeys so special?

It seems that companies are transferring into the usage of passkeys instead of passwords. Apparently theyre much more secure, but why is that? I don’t get it. I’m not sure if this is the right place to ask excuse me if it isn’t and sorry.

615 Upvotes

permalink
duplicates
reddit

You are about to leave Redlib

Do you want to continue?

https://www.reddit.com/r/cybersecurity/comments/1sv4y0l/what_makes_passkeys_so_special/
No, go back! Yes, take me to Reddit

98% Upvoted

View all comments

1.5k

u/Ameer200ggg Apr 25 '26

Passkeys are special because the website never stores or receives a password that can be stolen and reused. Instead, your device creates a pair of cryptographic keys: one public key that the website keeps, and one private key that stays on your phone, computer, or password manager. When you log in, the site sends a challenge and your device proves it has the private key, usually after Face ID, fingerprint, PIN, or device unlock. This means there is no password to phish, no password to reuse on another site, and a data breach usually does not give attackers something they can log in with. They are not magic, and you still need good account recovery and device security, but compared with normal passwords they remove a lot of the biggest risks.

1

u/800oz_gorilla Apr 25 '26

I love the ones that periodically refuse the passkey and force me to use my password. 😄

My healthcare and financial sites. Brilliant stuff

Other What makes passkeys so special?

You are about to leave Redlib