Password managers

Passkeys explained: the password replacement, in plain English

By Iulian · Published 6 June 2026

Some links on this page may be affiliate links. If you buy through them we may earn a small commission, at no extra cost to you. We only recommend tools we believe are genuinely worth it. Learn more.

For thirty years we’ve all coped with passwords — forgetting them, reusing them, getting them stolen. They’re finally being replaced by something better called a passkey, and you’ve probably already been offered one without quite knowing what it was. Here’s what they are and why they’re worth saying yes to.

What a passkey actually is

A passkey is a secure digital key stored on your device — your phone, laptop or password manager. Instead of typing a password, you unlock it with whatever you already use to unlock the device: your face, your fingerprint, or your PIN.

There’s no secret word to remember, and nothing to type. Under the bonnet, your device proves who you are to the website without ever sending a password that could be intercepted or leaked.

Why they’re genuinely safer

  • Phishing can’t touch them. A passkey only works on the real website it was created for. If you land on a convincing fake, there’s simply nothing for it to steal — which is a huge deal, because phishing is how most accounts get taken over. (See how to spot a phishing email.)
  • Nothing to leak in a breach. When a company gets hacked, there’s no password database to spill, because there’s no password.
  • Nothing to reuse. Each passkey is unique to one site, so the old habit of reusing one password everywhere just isn’t possible.

How to start using them

Lots of big services already support passkeys — Google, Apple, Microsoft, Amazon and PayPal among them. When you next see “Create a passkey” or “Sign in faster,” that’s the offer.

Where do they live? Either on your phone (synced through your Apple or Google account) or, better for most people, in a password manager that stores them and syncs across all your devices. If you don’t have one yet, start with how to set up a password manager and the best free options.

Try one on your most important account first. Add a passkey to your email or your password manager and use it for a week. Once you've signed in with a glance a few times, going back to typing passwords feels ridiculous.

The honest catch

Passkeys are still fairly new, so not every website offers them yet, and account recovery (if you lose all your devices) is still a bit clunky. For now, keep your password manager and two-factor authentication switched on as well — passkeys are joining your toolkit, not instantly replacing everything.

Wondering whether trusting a password manager with all this is wise? It is, and here’s why password managers are safe. More in our password managers section.