Chrome on macOS supports iCloud Keychain for Passkeys. For me, 1Password gets the first attempt at getting the passkey, but if locked, Chrome shows a prompt to use iCloud Keychain. Not on Windows PC though.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
iOS 18 and macOS Sequoia Let Websites and Apps Automatically Update Existing Logins to Passkeys
- Thread starter MacRumors
- Start date
- Sort by reaction score
The website says I need biometrics. I have a M2 Mini with a Logitech keyboard and a studio display. I don’t have FaceID or TouchID with this combination of Hardware.
Interesting - I use 1Password with typed password for passkeys. 🤷
Thanks for the info. Though my question is pertaining to those, like myself, who choose not to use iCloud Keychain. Passkeys currently require iCloud Keychain in order to setup and function, so I'm wondering if Cook & Co are planning on somehow ramming that 'upgrade' down my throat 'by default' as well.
Of course they are - this is what's best for you!
It takes courage to remove floppies, CDs, USB-ports and ... passwords ;-)
However, testing to use iCloud Keychain with Chrome prompts me with this, that I don't feel to comfy about... I trust 1Password more than Chrome (until proven wrong that is)...
Passkeys are safer and better and Apple is right to shift consumers away from passwords. This is nothing to do with locking people into Apple (as some imply in this thread). It's about doing what's best to protect consumers with defaults most normal people will sensibly never change.
Passkeys are great and all but most accounts still require a password to be set (that you won't then need to use) or need an authenticator (like Microsoft) but still offer a 'I've forgotten my password / lost my passkey' option - which is the default option hackers will concentrate on. Some accounts still use email as the last mile (send a password reset code to this), so no matter how strong passkeys are, your account may still be vulnerable to hacking via other means; for now, passkeys are just a convenience.
I’m going to suggest you learn a bit more before making statements that read as uninformed and/or silly.
Here is but ONE solution.
Make your passkeys and passwords available on all your devices with iPhone and iCloud Keychain
Use iCloud Keychain on iPhone to keep website passkeys, passwords, credit card information, and other account information up to date across your other devices.
support.apple.com
If you have additional gaps in knowledge after checking out that link, I’d further suggest stating that gap in the form of a question.
My thoughts exactly. This is well intentioned, but it’s going to be a nasty surprise for someone when they find themselves locked out of their accounts.
What? No.
Locking your windows even when your door can be sledge hammered down doesn’t make locking windows a “convenience”.
Do passkeys make you 100% immune in 100% of areas? No.
Are they good security that makes it exceptionally harder for people to use data leaks against you? Abso-frackin-lutely!
It's odd that this is not better publicised or widely known. You can set up additional trusted phone numbers to receive codes at login (where two factor is required): for example to icloud.com.
I've done this specifically so, if I'm travelling and lose my phone, I can buy a new one and, when required, contact (from the store or hotel) the trusted person to get the code. A great advantage of e-sim is that I'll be able to download a new sim card!
On OSX go into Apple ID / Sign in and Security / Two factor authentication in order to add more "Trusted phone numbers"
iOS can only upgrade a site to passkeys if the login is stored in Passwords. iOS can’t automatically upgrade a login stored in 1Password to a passkey, because iOS can’t pull information from 1Password without authenticating.
That is your view and of course you're entitled to hold it and make your own decisions. But I'm not here to discuss the merits or pitfalls of Passkeys. My only point is that in doing this, Apple will be de facto forcing Passkeys onto unsuspecting users. Many of whom will have already made their own informed choice not to use them. Apple doesn't, rather shouldn't, get to decide how I choose to handle my own web logins. It's none of their business.
Good to see that there is an option to turn it off
I just use 1Password, nice to have passkeys that can be used cross platform not only on my Mac but also with Windows and Linux and Android...And when using the command line...But to be fair for just basic users only with an iPhone/iPad/Mac this is a great feature.
It is important to note Apple is adding passkeys - not removing passwords… It gives you another option for logging in. There is a lot of confusion on this site by people who do not understand how passkeys work. The intent here (as I am interpreting) is for Apple to get passkeys into the hands of millions of people as an ALTERNATIVE (not a requirement). Once this happens people will start to understand what passkeys do and how they work, and we can finally begin to move away from insecure, inconvenient passwords.
Question about passkeys: are they susceptible to the current trend of someone watching you unlock your phone with a passcode (after a failed FaceID/TouchID unlock attempt) and then stealing it? I get the impression that if your FaceID/TouchID passkey authentication fails then it drops back to accepting your device passcode...
I recall seeing an article about this but I think it is total BS. It is inconceivable that this is an actual thing. How is it done? A thief follows a person for two straight days hoping to be present and in a place they can see them unlock their phone? Or a thief is scanning a big crowd of people hoping to catch someone unlocking their phone that just happens to have hit the 2-day time out period? There is probably a documented case of this happening somewhere isolation but I just cannot see that this could be an actual “trend”.
In any case, passkeys would be no better or worse for this. Whether iCloud Keychain is supplying a password or passkey will presumably be the same.
Here's where I'm getting lost. Passkeys use a biometric. My Mac mini has no camera or keyboard with Touch ID available. How would I use them, even if I wanted to?
It would work the same as passwords with iCloud Keychain work right now. The big difference is that your passkey cannot be stolen (eg by key logger, imposter websites, etc).
Passkeys don't use biometric. Passkeys are just keys generated by a hardware device. In order to 'sign' the key when using it you have to unlock your password management system. That could be done using biometric factors, but also using traditional methods when using your Mac mini. It basically acts like unlocking a password manager.
But how do you expect to test it with Chrome unless you give Chrome access to it? All it's being given access to is a list of websites/apps you've got passkeys for, so when you visit one, Chrome knows to let you use the passkey to sign in. Chrome won't have access to the authentication transaction.