How passkeys prevent Phishing attacks
Passkeys are tied to specific (https) websites. Browsers won't use a private key intended for one website to sign a challenge generated by a different site.
We're now live! Signup now
Passkey browser support in 2024
All the major browsers now support passkeys, however biometric support is often limited to those browsers with tight platform integration e.g. Safari on iOS and Chrome on Android.
These browsers are known to support passkeys as of April 2024.
MacOS
Safari - Uses native biometics e.g. TouchID for user verification.
Chrome - Note: TouchID based user verification is not currently supported.
Firefox - Whilst firefox supports the wider WebAuthn API, it doesn’t yet
support platform authenticators - i.e. the user will need to use a dedicated
authenticator like a YubiKey.
iOS
Safari - Uses native biometics e.g. TouchID/FaceID for user verification.
Chrome - Note: TouchID based user verification is not currently supported.
Windows 10+
Note: Windows does not sync passkeys, instead they are stored locally.
Edge - Uses Windows Hello facial recognition or PIN.
Chrome - As above.
Firefox - Whilst firefox supports the wider WebAuthn API, it doesn’t yet
support platform authenticators - i.e. the user will need to use a dedicated
authenticator like a YubiKey.
Android
Chrome - Fully supported, including biometrics & syncing.
Which browser versions support passkeys
Please see the caniuse page for version specific support.
Founder
Roaming passkey authenticators
Roaming authenticators allow users to sign in to a website on one device, using a passkey stored on a different device.
Two factor authentication using passkeys
Passkeys enable two factor authentication (including biometrics). Users can even use a biometric enabled device e.g. iPhone FaceID to authenticate against a device lacking this capability e.g. a desktop.