Last year I wrote a blog about going passwordless (you can check it out here: https://www.lookingpoint.com/blog/passwordless). Now I’m doubling down and telling you that passwords are outdated. They’re reused, guessed, phished, and stolen. Despite password managers and multi-factor authentication (MFA), the underlying security model of passwords is inherently weak.

Say hello to passkeys — a modern, phishing-resistant, passwordless login technology backed by giants like Apple, Google, and Microsoft. They're safer, easier, and already available across many platforms. Let’s dive into how to create them, why they’re better, and why you should switch.

What Are Passkeys?

A passkey is a cryptographic key pair — a public key stored by the website or app, and a private key stored securely on your device (e.g., phone, laptop). The private key never leaves your device and is used to authenticate you via biometrics (Face ID, fingerprint) or device PIN.

They're based on FIDO2/WebAuthn standards and eliminate the need for typing or remembering passwords.

🔐 Why Passkeys Are More Secure Than Passwords

Key benefits:

• Phishing-resistant: No chance of typing credentials into a fake site.
• No reuse: Each passkey is unique to one site/app.
• No server-side secrets: Even if the site is hacked, there’s nothing to steal.
• Biometric-enabled: Logging in feels like unlocking your phone.

How to Create and Use Passkeys

• Passkeys are already supported in macOS, iOS, Android, Windows, Chrome, Safari, Edge, and many websites like Google, GitHub, Amazon, and PayPal.
  
  
• If you need more convincing before trying this out on one of your existing accounts, create an account and take a passkey for a test drive here:
  •    https://passkeys.io
  •    While you’re there, click on the “Who supports passkeys?” link at the top!
• One thing to note is passkey storage. If you store a passkey on your iPhone for example, you may be able to go to a website from a Windows machine for example, and “login with a passkey from another device” which will let you scan a QR code with your phone and allow you to login without a password.
  •    There are also some password managers that can be run on multiple devices and will store passkeys and let you leverage them wherever you login.

Example: Creating a Passkey on Google

1. Go to https://myaccount.google.com/security
2. Under “How you sign in to Google,” click Passkeys.
3. Choose Create a passkey.
4. Approve using Face ID, fingerprint, or device PIN.
5. Done! You can now log in without a password.

Other Sites Supporting Passkeys

• GitHub: Settings → Password and authentication → Passkeys
• PayPal: Settings → Login and Security → Passkeys

Apple Ecosystem (iOS/macOS)

• Stored in iCloud Keychain
• Syncs across devices
• Create via Safari login pages or app prompts

Android Ecosystem

• Stored in Google Password Manager
• Synced via your Google account
• Create during login or security settings

Why You Should Start Switching Today

Passkeys aren’t just more secure — they’re easier to use:

• No need to remember anything
• No more 2FA codes or authenticator apps
• No phishing or credential leaks
• You’ll never get locked out due to password mistakes

They're also future-proof: Apple, Google, Microsoft, and the FIDO Alliance have made clear that passkeys are the long-term replacement for passwords.

How to Transition

1. Enable passkey support where available (Google, Apple, GitHub, Amazon, etc.)
2. Use a cross-device ecosystem (iCloud Keychain or many password managers)
3. Start replacing passwords on sites that offer passkeys
4. Use fallback options like password managers for non-passkey sites (for now)

The Bottom Line

Passwords are a relic. Passkeys are the future — and they’re already here. With better security, convenience, and no user memorization required, the case is clear:

🔑 Start using passkeys where you can. Each one is a step toward a passwordless, safer internet.

After reading this, I hope you see the value in moving from passwords to passkeys. I would urge you to pick just one site and try it out, and I’m confident that once you see how easy it is, you’ll start wondering why more sites aren’t offering passkeys instead of passwords.

LookingPoint offers multiple IT services if you’re interested. Want more information, give us a call! Please reach out to us at sales@lookingpoint.com and we’ll be happy to help!