What if a Passkey Device is Lost?

What if a Passkey Device is Lost?#

If a passkey device is lost, users can still access their accounts because passkeys are synchronized across the user's ecosystem, such as Apple iCloud Keychain, Google Password Manager, or via a third-party password manager (e.g. 1Password, Dashlane, Bitwarden).

Try passkeys in a live demo.

Try Passkeys

This ensures that passkeys are available on all devices connected to the same account, meaning that losing one device does not lock you out of your accounts. However, it is important to secure your cloud account or third-party password manager with strong security measures like two-factor authentication (2FA) to protect your passkeys from unauthorized access.

If a passkey device is lost, accounts are still accessible through synced passkeys across the user's ecosystem.
Passkeys are stored and synchronized in ecosystems like Apple iCloud Keychain and Google Password Manager, or via third-party password managers, making them available on other connected devices.
Ensure your ecosystem is secured with strong security measures like two-factor authentication (2FA).

What happens if your passkey device is lost?#

Losing a device that holds your passkeys might seem alarming, but the way passkeys are designed ensures that you can still access your accounts without much hassle. Here’s how it works:

Ecosystem Synchronization: Passkeys are not stored on a single device; instead, they are synchronized across the user's ecosystem (e.g. Apple iCloud Keychian or Google Password Manager) or third-party password manager (e.g. 1Password, Dashlane or Bitwarden). This means that if you lose one device, the passkeys are still available on other devices within the same ecosystem. For example, if you lose your iPhone but have an iPad or a MacBook connected to the same Apple ID, your passkeys will be available on those devices.

See how many people actually use passkeys.

View Adoption Data

Security Measures: While ecosystems make it easier to access your passkeys from multiple devices, it’s crucial to protect your ecosystem with strong security measures. This includes using a robust password for your primary account and enabling two-factor authentication (2FA). This way, even if someone gains access to your lost device, they would still need to bypass these additional security layers to access your passkeys.
Recovery Options: In case all devices are lost or inaccessible, most ecosystems offer recovery options, such as using a recovery key or contacting support to regain access to your account. However, this process might vary depending on the ecosystem, so it's advisable to familiarize yourself with the recovery options provided by your specific ecosystem (Apple, Google, etc.).

Best Practices for Securing Your Passkeys#

To minimize the risk associated with losing a passkey device:

Enable Two-Factor Authentication (2FA): Adding an extra layer of security to your ecosystem account can prevent unauthorized access even if a device is lost.
Regularly Update Your Devices: Keeping your devices and software up to date ensures that you have the latest security patches and features that protect your passkeys.

About Corbado

Corbado is the Passkey Intelligence Platform for CIAM teams running consumer authentication at scale. We help you see what IDP logs and generic analytics tools can't: which devices, OS versions, browsers and credential managers support passkeys, why enrollments don't turn into logins, where the WebAuthn flow fails and when an OS / browser update silently breaks login, all without replacing Okta, Auth0, Ping, Cognito or your in-house IDP. Two products: Corbado Observe layers observability for passkeys and any other login method. Corbado Connect adds managed passkeys with analytics built in (alongside your IDP). VicRoads runs passkeys for 5M+ users with Corbado (+80% passkey activation). Talk to a Passkey Expert →