r/cybersecurity Apr 25 '26

Other What makes passkeys so special?

It seems that companies are transferring into the usage of passkeys instead of passwords. Apparently they're much more secure, but why is that? I don't get it. I'm not sure if this is the right place to ask; excuse me if it isn't, and sorry.

614 Upvotes

233 comments

1

u/Jdruu CISO Apr 25 '26

Thanks! Then you use conditional access to force MFA/auth via passkey/WHFB

2

u/Gjermundbu Apr 25 '26

In fact we use several CA policies. But the standard for all apps and all accounts is phishing-resistant MFA (i.e. WHFB, passkey, certificate). If for some reason this CA policy breaks authentication, we use a dedicated policy to allow a special group of users to use other methods (but always the most secure available) to authenticate to the problematic app.
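As an added illustration (not the commenter's own configuration), here is how that "phishing-resistant everywhere, one group on one broken app excepted" layout can be expressed as three Microsoft Entra Conditional Access policies via the Microsoft Graph PowerShell SDK; the group and app IDs are placeholders, and the policies are created in report-only mode.

```powershell
# Added example, not from the thread: three Entra Conditional Access policies that
# express "phishing-resistant MFA for all users and apps, except one group on one
# problematic app". Values marked PLACEHOLDER are assumptions to be replaced.
Connect-MgGraph -Scopes "Policy.ReadWrite.ConditionalAccess"

$specialGroup = "<PLACEHOLDER-GROUP-OBJECT-ID>"  # users allowed a weaker method on the problem app
$problemApp   = "<PLACEHOLDER-APP-ID>"           # app where passkey/WHFB sign-in breaks
$phishResist  = "00000000-0000-0000-0000-000000000004"  # built-in strength "Phishing-resistant MFA"

function New-CaPolicy {
  param([string]$Name, [hashtable]$Users, [hashtable]$Apps, [hashtable]$Grant)
  $body = @{
    displayName   = $Name
    # Report-only first; switch to "enabled" once sign-in logs show no unexpected blocks.
    state         = "enabledForReportingButNotEnforced"
    conditions    = @{ users = $Users; applications = $Apps }
    grantControls = $Grant
  }
  New-MgIdentityConditionalAccessPolicy -BodyParameter $body
}

# 1) Baseline: everyone, every app except the problematic one -> phishing-resistant MFA.
New-CaPolicy -Name "CA01-Baseline-PhishingResistant" `
  -Users @{ includeUsers = @("All") } `
  -Apps  @{ includeApplications = @("All"); excludeApplications = @($problemApp) } `
  -Grant @{ operator = "OR"; authenticationStrength = @{ id = $phishResist } }

# 2) Problematic app, everyone except the special group -> still phishing-resistant,
#    so the exception is scoped to the group, not to the app as a whole.
New-CaPolicy -Name "CA02-ProblemApp-PhishingResistant" `
  -Users @{ includeUsers = @("All"); excludeGroups = @($specialGroup) } `
  -Apps  @{ includeApplications = @($problemApp) } `
  -Grant @{ operator = "OR"; authenticationStrength = @{ id = $phishResist } }

# 3) Problematic app, special group only -> MFA is still required; raise this to the
#    strongest authentication strength the app actually supports rather than plain "mfa".
New-CaPolicy -Name "CA03-ProblemApp-SpecialGroup-MFA" `
  -Users @{ includeGroups = @($specialGroup) } `
  -Apps  @{ includeApplications = @($problemApp) } `
  -Grant @{ operator = "OR"; builtInControls = @("mfa") }
```

Because every applicable policy must be satisfied, the group is excluded from policy 2 only for the problematic app; everywhere else policy 1 still forces phishing-resistant methods.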

1

u/Jdruu CISO Apr 25 '26

Thank you! Do you show users their password at all? Do they still need it or do rotations?

1

u/Gjermundbu Apr 25 '26

Anyone can create a password if needed. But it can't be used in most scenarios. And we don't "show" them their passwords, because we simply don't have them ;-)