How do automatic passkeys work?

Asked on 07/30/2024


Automatic passkey upgrades are a feature designed to enhance account security by transitioning users from traditional passwords to passkeys, which are more secure and resistant to phishing. Here’s how they work:

  1. Lifecycle Management: Passkeys replace passwords, making the sign-in process easier and more secure. They are resistant to phishing and other forms of credential theft (What’s new in privacy).

  2. Automatic Upgrade Process: When a user signs in with a password, the system checks if a passkey can be created for that account. If the conditions are met, a passkey is created automatically without interrupting the user’s flow. This process involves internal checks by the system and the credential manager to ensure the device supports passkeys and that the conditions for creating a passkey are satisfied (Streamline sign-in with passkey upgrades and credential managers).

  3. User Experience: The user is notified that a passkey has been created, but there are no upsell screens or interruptions. This makes the transition to passkeys smooth and seamless (Streamline sign-in with passkey upgrades and credential managers).

  4. Security Benefits: Passkeys eliminate the need for multiple steps in the sign-in process, reducing the risk of phishing. They provide a stronger security posture compared to traditional multi-factor authentication methods (Streamline sign-in with passkey upgrades and credential managers).

  5. Implementation: Developers can add support for automatic passkey upgrades by including a new parameter in their registration API. This allows eligible users to have passkeys created automatically the next time they sign in (Platforms State of the Union).

Relevant Sessions

  1. What’s new in privacy
  2. Streamline sign-in with passkey upgrades and credential managers
  3. Platforms State of the Union
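The upgrade flow from steps 2 and 5, sketched for the web (WebAuthn) registration call as an added example that is not code from the page or the sessions it cites. The page does not name the parameter; `mediation: "conditional"` and `getClientCapabilities()` are the WebAuthn names, while `account`, `fetchOptions`, `sendToServer` and `fakeBrowser` are hypothetical.

```javascript
// Added example. `deps` carries the browser objects so the flow can also run
// outside a page: in a browser pass
// { PublicKeyCredential, credentials: navigator.credentials }.
// `account`, `fetchOptions` and `sendToServer` are hypothetical app-side pieces.
async function tryPasskeyUpgrade(deps, account, fetchOptions, sendToServer) {
  // Attempt only directly after a successful password sign-in, and only when
  // the account has no passkey yet.
  if (!account.signedInWithPassword || account.hasPasskey) return "skipped";

  // Feature-detect conditional create before asking the server for anything.
  const PKC = deps.PublicKeyCredential;
  if (!PKC || typeof PKC.getClientCapabilities !== "function") return "unsupported";
  const caps = await PKC.getClientCapabilities();
  if (!caps || !caps.conditionalCreate) return "unsupported";

  // Registration options must carry a fresh challenge issued by the server
  // for this signed-in session.
  const publicKey = await fetchOptions(account.userName);
  let credential;
  try {
    // The added parameter: with mediation "conditional" the client and the
    // credential manager decide on their own whether to create the passkey,
    // and reject the promise without showing UI when they will not.
    credential = await deps.credentials.create({ publicKey, mediation: "conditional" });
  } catch (err) {
    return "declined"; // expected outcome; never block or retry the sign-in
  }
  if (!credential) return "declined";
  // The server verifies challenge, origin and RP ID before storing the key.
  await sendToServer(credential);
  return "created";
}

// Constructed stand-in for a browser, used only to exercise the flow offline.
function fakeBrowser({ conditionalCreate, accept }) {
  return {
    PublicKeyCredential: { getClientCapabilities: async () => ({ conditionalCreate }) },
    credentials: {
      create: async (opts) => {
        if (opts.mediation !== "conditional" || !accept) throw new Error("NotAllowedError");
        return { id: "constructed-credential-id", type: "public-key" };
      },
    },
  };
}
```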