Passkeys ReviewsAdobe Passkeys: Analysis of Sign-Ups and Logins
Analyze best practices for Adobe passkeys. Tailored for developers and product managers seeking to enhance security and user experience.
Janina
Created: October 2, 2023
Updated: June 3, 2024
TL;DR
- Passkey availability since May, 2023
- Passkeys are only available at login, not at initial sign up for an account (yet)
- Creation currently only works manually via the Sign-in and security section in the Adobe account settings
- Adobe pushes the transition to passkey login for new users by clearly highlighting the option when visiting the Sign-in and security page for the first time
- Availability of passkeys on all major platforms (iOS, macOS, Windows, Android), but does not work with Chrome on iOSConditional UI functionality is enabled, providing a seamless user experience
Recent Articles
1. Introduction
More and more companies from a wide range of industries are stepping into a password-free world and implement passkeys. Through this series of articles, we aim to provide a comprehensive overview of the passkey user experience of those companies. This should enable you to incorporate these findings and enhance your product login accordingly. In each article, we focus on a single company. Today, we dive into Adobe. Since May 2023, existing Adobe users can create passkeys for their account and log in with them. As a multinational software company with products widely used across numerous industries, Adobes introduction of passkeys can encourage other software and service providers to consider or adopt the new login standard.
Disclaimer:
- Status of the analysis is September 2023. Passkey features are subject to change by companies on an ongoing basis.
- Please refer to the use cases to find the devices we used for the analysis.
2. Key insights from Adobe passkeys analysis
In this section, we present the most important insights we have gained from the analysis of Adobe passkeys.
2.1 Highlights of Adobe passkeys implementation
2.1.1 Hybrid rollout strategy
Currently, Adobe passkeys are limited to logging into already existing Adobe accounts. To initially set up a passkey for the device used, you must first go to the account settings in your Adobe admin area. The passkey can then be created manually in the 'Sign-in and security section. This is probably done to start with low risk and find bugs with early adopters (as passkeys flows, especially for cross-device and cross-platform processes are quite complex to implement). Even though this approach may be less user-friendly at the moment, it helps to gather feedback and ensures a careful transition to passkeys especially for all non-technical users who may not be familiar with passkeys as an additional login option. This rollout strategy is to ensure a careful transition to passkeys for existing users.
In any case, Adobe has ambitions totransform as many users as possible to passkeys: For example, a user who hasjust created an account and is in the 'Sign-in and security settings' for thefirst time will be shown the option to generate a passkey right at the top. Thebenefits are also highlighted, which emphasizes that Adobe is pushing thetransition to passkeys.
2.1.2 Enabled Conditional UI feature
One prominent feature of Adobe passkey implementation is the immediate integration of Conditional UI. The powerful feature leverages the autofill function passkeys provide, enhancing user convenience. It automatically suggests and prefills passkeys as soon as the user clicks on the username input field. Adobe users can experience the time-saving benefits of passkeys without the need for manual search or entry of credentials (not even usernames!), as they are already stored in the device / browser and are automatically pre-filled.
2.1.3 Insightful passkey properties
In the Sign-in and security section where users can view all their saved passkeys, Adobe offers insightful details about each passkey. It indicates the device, operating system and browser on which the passkey was generated. Moreover, timestamps provide when the passkey was last used.
2.1.4 Clear and simple user communication
Adobe uses the term passkeys. Besides, as with Google passkeys (check out our analysis on Google passkeys for more information), the reference is drawn to the underlying concept of biometric authentication here as well, with which the vast majority of users are likely to be familiar. To assist users who are unfamiliar with passkeys or are looking for more information, Adobe provides detailed explanations that cover passkeys in general, as well as setup and deletion in order to counteract any possible fears of users at an early stage. This highlights their effort to persuade users about the benefits of passkeys and promote passwordless authentication.
2.2 Drawbacks of Adobe passkeys implementation
2.2.1 Occasional unavailability of platform-browser combinations
Currently, Adobe passkeys cannot be used on all devices or browser-operating system combinations. For example, you cant use passkeys on Windows in general or Chrome on Mac yet. Therefore, users still have to log in with their password every now and then, which decreases the overall user experience.
2.2.2 No smart passkey management
Even if a passkey is already stored in the Adobe account for a device, the Add button remains visible, allowing users to manually start the creation process for a new passkey. This implies that Adobe does not clearly detect beforehand whether a passkey might have already been created for this device. If you try to recreate a passkey, you will be informed that a passkey has already been generated for this device in a proper manner (no bug) and the new one will not be stored.
3. Passkey setup in your Adobe account
Adobe has published detailed explanation of passkeys and guidance on how to set them up, log them in, and delete them. This reflects their recognition of the need to educate users about the technology and functionality behind passkeys, as not everyone may be familiar with them yet.
To register new passkeys for your Adobe account (on desktop and mobile version), follow these steps:
-
Click the account icon in the top right corner and then View Account
-
Click on the Account and security tab
-
Click on the Sign-in and security tab
- Click on the Add button at the Passkeys section
4. Analysis of the login process
4.1 Tested cases
Note that we have only performed the use cases with passkey-ready devices (e.g., no iPhone prior to iOS 16.0, no MacBook prior to macOS Ventura, no Windows device prior to Windows 10). We use the same Adobe account for every use case.
| MacBook (macOS Ventura 13.3.1) | iPhone (iOS 17.0) | Xiaomi Mi 10 (Android 11) | |
|---|---|---|---|
| Multi-device passkey | Use case 1 (Safari) | Use case 2 (Safari) | Use case 3 (Chrome) |
| Single-device passkey | N/A | N/A | N/A |
Use case 1: MacBook Safari passkey creation / login
| Use case | MacBook Safari passkey creation / login |
|---|---|
| Use case number | 1 |
| Device | MacBook |
| Operating system | macOS Ventura 13.3.1 |
| Browser | Safari |
| Platform | Apple |
| Synced in | Apple iCloud Keychain |
To initially set up the first passkey for our Adobe account, we click on Add at the Passkey section as shown before.
It is noteworthy that at this point the user is informed about what passkeys is all about. By clicking on the Learn more about Passkeys link, the user gets detailed information about what passkeys are, how to set them up, how to log in with them, and how to remove them. This shows that Adobe wants to educate users who do not yet know passkeys.
After clicking on Add the default Apple passkey pop-up appears that prompts us to use Touch ID to set up the passkey.
Once successfully registered, we receive a notification confirming the successful generation of the passkey.
In the sign-in and security settings, we can now view details about the passkey or even remove it again. The properties include information about the device, operating system, and browser on which the passkey was created, along with a timestamp when it was last used.
When using the same browser-operating system combination for which a passkey has already been stored, Adobe does not detect this immediately and displays the Add option anyway. However, as soon as you try to create a passkey, an error message appears and the process is interrupted.
If we want to log in to Adobe on the MacBook, we use the passkey previously created on this or on another device that has a passkey stored in the iCloud keychain (e.g. an iPhone). Due to the enabled conditional UI the stored passkey will be automatically suggested as soon as we click on the email address field. Though the credentials are filled in automatically, we have to click on the Continue button again.
We now have the option to either log in with Touch ID via Conditional UI (the process is identical to auto-filling the email address) or by clicking Sign in with passkey. In both cases we only have to verify our identity with Touch ID to successfully retrieve the passkey, granting us access to our account.
4.1.2 Use case 2: iPhone Safari passkey creation / login
| Use case | iPhone Safari passkey creation / login |
|---|---|
| Use case number | 2 |
| Device | iPhone |
| Operating system | iOS 17.0 |
| Browser | Safari |
| Platform | Apple |
| Synced in | Apple iCloud Keychain |
Note: In this use case, we generate a passkey on iPhone Safari. The process for generating the passkey for is the same as the one for MacBook Safari, with the only difference that we create the passkey via Face ID instead of using Touch ID.
To initially set up the first passkey for our Adobe account, we click on Add at the Passkey section as shown before.
It is noteworthy that at this point the user is informed about what passkeys is all about. By clicking on the Learn more about Passkeys link, the user gets detailed information about what passkeys are, how to set them up, how to log in with them, and how to remove them. This shows that Adobe wants to educate users who do not yet know passkeys.
After clicking on Add, the default Apple passkey pop-up appears that prompts us to use Face ID to set up the passkey.
Once successfully registered, we receive a notification confirming the successful generation of the passkey.
In the sign-in and security settings, we can now view details about the passkey or even remove it again. The properties include information about the device, operating system, and browser on which the passkey was created, along with a timestamp when it was last used.
When using the same browser-operating system combination for which a passkey has already been stored, Adobe does not detect this immediately and displays the Add option anyway. However, as soon as you try to create a passkey, an error message appears and the process is interrupted.
If we want to log in to Adobe on the iPhone, we use the passkey previously created on this or on another device that has a passkey stored in the iCloud keychain (e.g. an MacBook). Due to the enabled conditional UI the stored passkey will be automatically suggested as soon as we open the sign in page in the browser. You can now either sign in with the credentials suggested by Conditional UI or click 'Sign in with passkeys'.
If you are using the email address suggested by Conditional UI, you still have to click the Continue button again (though the credentials are filled in automatically).
We now have the option to Sign in with passkey: After verifying our identity with Face ID, the passkey is successfully, granting us access to our account.
If you decide to click on Sign in with passkey in the step before, the appropriate passkey from Conditional UI will be suggested to you immediately. The default iPhone passkey pop-up (same as above) appears and you will only have to sign in with your Face ID.
4.1.3 Use case 3: Adobe Android Chrome passkey creation / login
| Use case | Android Chrome passkey creation |
|---|---|
| Use case number | 3 |
| Device | Xiaomi Mi 10 |
| Operating system | Android 11 |
| Browser | Chrome |
| Platform | Android |
| Synced in | Google Password Manager |
In this use case, we generate a passkey on an Android device in the Chrome browser and store it in the Google Password Manager. The process for generating the passkey for the Android device is the same as the one for the iPhone e.g., with the only difference that we create the passkey on Android using fingerprint scanning instead of facial recognition and that in this step it is possible to specify the Google account where the created passkey will be stored and synced.
Once our fingerprint was successfully registered, we receive a notification confirming the successful generation of the passkey. The passkey is now displayed in the Passkeys section in the sign-in and security settings.
Like the iPhone, the Android phone does not recognize that a passkey already exists on the device and continues to display the option to add a passkeys. If users then want to set up a passkey, Adobe detects this and prevents the creation of a new and overwriting of an existing passkey. Further, the phone does not recognize if there is already a passkey for another Android phone stored in the Google Password Manager and allows the creation of a second passkey.
If we want to log in to Adobe on the Android, we use the passkey previously created on this device. First, the email address input field is empty and the passkey window will not appear immediately, but due to the enabled conditional UI the stored passkey will be automatically suggested and pre-filled as soon as we click on the field.
After verifying our identity with fingerprint scanning, the passkey is successfully retrieved, granting us access to our account.
5. Conclusion
Adobe's entry into the world of passkeys highlights the industry's shift toward passwordless authentication, enabling greater security without compromising the user experience. The phased implementation approach underscores Adobe's commitment to addressing bugs early on to deliver a particularly smooth login experience. By providing informative user education, Adobe ensures that its large user base stays informed and comfortable with this new authentication method. In particular, features such as syncing passkeys between the native app and browser, as well as the integration of the Conditional UI functionality, set a new standard for all major enterprises soon to adopt passkeys.
Share this article
Table of Contents
Enjoyed this read?
🤝 Join our Passkeys Community
Share passkeys implementation tips and get support to free the world from passwords.
🚀 Subscribe to Substack
Get the latest news, strategies, and insights about passkeys sent straight to your inbox.
We provide UI components, SDKs and guides to help you add passkeys to your app in <1 hour
Start for free
