
A passkey (also written "pass key") is a phishing-resistant sign-in credential that replaces passwords with public-key cryptography. When you register, your device creates a key pair: the service keeps the public key, and your private key stays on your device or in a secure (optionally syncable) credential manager. To sign in, you simply unlock that private key locally (e.g., with a biometric or device PIN); nothing reusable or typable is shared with the website, and the credential is bound to the site’s domain, which blocks phishing and credential-stuffing attacks. Passkeys can be device-bound or syncable, depending on implementation, and are based on the WebAuthn/FIDO standards.
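The domain binding described above can be seen in the checks a service runs on a WebAuthn sign-in response. The following is an added example, not code from this glossary or from any vendor: it simulates the authenticator and the relying party in Node.js, and `example.com`, `examp1e.test` and the function names are constructed placeholders.

```javascript
const crypto = require("crypto");
const sha256 = (b) => crypto.createHash("sha256").update(b).digest();

// Constructed values: the RP ID and origin are placeholders for this example.
const RP_ID = "example.com";
const RP_ORIGIN = "https://example.com";

// Registration: the device keeps privateKey, the service stores publicKey.
const { publicKey, privateKey } = crypto.generateKeyPairSync("ec", { namedCurve: "P-256" });

// Simulated browser + authenticator. The browser, not the page, fills in `origin`
// and the RP ID. A real authenticator would not even offer the example.com
// credential on another domain; the second call below only models what the
// server would see if a response produced elsewhere were forwarded to it.
function signIn(origin, rpId, challenge) {
  const clientDataJSON = Buffer.from(JSON.stringify({
    type: "webauthn.get", challenge: challenge.toString("base64url"), origin }));
  const flags = Buffer.from([0x05]);   // UP (0x01) | UV (0x04)
  const signCount = Buffer.alloc(4);   // 0: counter not used in this example
  const authData = Buffer.concat([sha256(rpId), flags, signCount]);
  const signature = crypto.sign("sha256",
    Buffer.concat([authData, sha256(clientDataJSON)]), privateKey);
  return { clientDataJSON, authData, signature };
}

// Relying-party checks; returns "ok" or the name of the first failed check.
function verifyAssertion(a, expectedChallenge, storedPublicKey) {
  const c = JSON.parse(a.clientDataJSON.toString("utf8"));
  if (c.type !== "webauthn.get") return "wrong type";
  if (c.challenge !== expectedChallenge.toString("base64url")) return "challenge mismatch";
  if (c.origin !== RP_ORIGIN) return "origin mismatch";
  if (!a.authData.subarray(0, 32).equals(sha256(RP_ID))) return "rpIdHash mismatch";
  if ((a.authData[32] & 0x01) === 0) return "user not present";
  const signed = Buffer.concat([a.authData, sha256(a.clientDataJSON)]);
  return crypto.verify("sha256", signed, storedPublicKey, a.signature) ? "ok" : "bad signature";
}

function demo() {
  const challenge = crypto.randomBytes(32);   // fresh for every sign-in attempt
  const genuine = signIn(RP_ORIGIN, RP_ID, challenge);
  const lookAlike = signIn("https://examp1e.test", "examp1e.test", challenge);
  return [verifyAssertion(genuine, challenge, publicKey),               // normal sign-in
          verifyAssertion(lookAlike, challenge, publicKey),             // wrong domain
          verifyAssertion(genuine, crypto.randomBytes(32), publicKey)]; // old response reused
}
console.log(demo());
```

The signature covers both the hashed RP ID and the origin, so a response cannot be edited to pass the domain checks without invalidating it, and the per-attempt challenge is what makes a captured response useless later.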

For information about Passkeys, please view guidance from the following resources:
