Passkey

A passkey is a phishing-resistant FIDO2 credential stored in an operating system keychain (Apple Keychain, Google Password Manager, Windows Hello), a browser, or an authenticator app (Microsoft Authenticator, 1Password). Passkeys sync across a user's devices via the keychain provider's cloud sync (with E2E encryption), so a passkey created on iPhone works on iPad and Mac. They're authenticated with biometrics or a device PIN, never transmitted, and inherently resistant to phishing and replay. Microsoft Entra ID supports passkeys natively via Microsoft Authenticator and is expanding OS-native passkey support across platforms.