When Can Passkeys Be Used?
Vincent
Created: August 21, 2024
Updated: September 4, 2024
When Can Passkeys Be Used?#
Passkeys can be used for user authentication when the system meets specific requirements, such as compatible operating systems, necessary hardware like TPM or Secure Enclave, and support from the passkey provider. Typically, passkeys work on modern devices that run updated operating systems and have secure hardware components. Additionally, a WebAuthn server support is required at the relying party.
- Passkeys can be used on modern devices with updated operating systems and secure hardware components.
- A WebAuthn server implementation is required to use passkeys.
- Support from a passkey provider and the availability of Bluetooth are often necessary.
System and Hardware Requirements#
To use passkeys, devices must meet certain system and hardware requirements. These include:
- Operating System Version: Passkeys generally require the latest versions of operating systems, such as iOS 16+, macOS 13+, Android 9+, and Windows 10+. The system should support WebAuthn, the standard that enables passkeys.
- Hardware Requirements: Devices should have a Trusted Platform Module (TPM), Secure Enclave, or Trusted Execution Environment (TEE) to store the passkey securely. These hardware components ensure that the passkey is protected from unauthorized access.
- Bluetooth Availability: Some passkey implementations require Bluetooth to facilitate the communication between devices during the cross-device authentication.
Passkey Providers and Cloud Accounts#
To use passkeys, support from a passkey provider, such as Apple’s iCloud Keychain or Google Password Manager is necessary. These providers store the passkeys in the cloud, allowing users to authenticate across multiple devices. Users must have a registered cloud account with these providers to utilize passkeys. Alternatively, a third-party passkey provider (password manager) like 1Password or Dashlane can also be used.
WebAuthn Server Implementation#
For passkeys to function, the relying party (such as a website or app) must implement a WebAuthn server. This server is responsible for handling the creation, storage, and validation of passkeys during the authentication process. Without a WebAuthn-compliant server, passkeys cannot be used.
Availability Across Platforms#
- Apple Devices: Passkeys are available on Apple devices running iOS 16+ and macOS 13+. The devices must be signed in with an Apple ID and have iCloud Keychain enabled (or use a third-party passkey provider when running on iOS17+).
- Android Devices: Android devices running Android 9+ with Google Play Services enabled can use passkeys through the Google Password Manager (or alternatively a third-party passkey provider when running on Android 14+).
- Windows Devices: Windows 10+ devices with a Microsoft account can use passkeys via the Microsoft Authenticator app or Windows Hello (or via third-party passkey provider).
Share this article
Enjoyed this read?
🤝 Join our Passkeys Community
Share passkeys implementation tips and get support to free the world from passwords.
🚀 Subscribe to Substack
Get the latest news, strategies, and insights about passkeys sent straight to your inbox.
We provide UI components, SDKs and guides to help you add passkeys to your app in <1 hour
