Vincent
Created: August 23, 2024
Updated: September 4, 2024
Passkeys on macOS are stored in different locations depending on the method of storage. When using iCloud Keychain or Chrome, passkeys are stored in the Secure Enclave, a secure area within the device's hardware. If you use a third-party password manager like 1Password or Dashlane, the passkeys are stored and synced within the manager itself.
On macOS, the storage location of passkeys is determined by the specific service or application you use to manage them. Here's a breakdown of the different storage methods:
Secure Enclave: When using iCloud Keychain or Chrome on macOS, passkeys are securely stored in the Secure Enclave. The Secure Enclave is a dedicated security component built into the device’s hardware, designed to handle sensitive information such as passkeys, passwords, and cryptographic keys. The Secure Enclave ensures that your passkeys are protected from unauthorized access, even if the macOS system is compromised.
Synchronization: With iCloud Keychain, passkeys are not only stored securely but are also synced across all your Apple devices that are logged in with the same Apple ID. This allows for seamless access to your passkeys across multiple devices, while still maintaining high security standards (passkeys stored in Chrome profile are not synced).
If you opt to use a third-party password manager like 1Password or Dashlane, your passkeys are stored within the password manager’s vault. These managers typically provide their own syncing mechanisms to ensure that your passkeys are available across your devices. However, the security of your passkeys in this case is dependent on the security of the password manager.
Hardware-Level Security: The Secure Enclave is isolated from the main processor, which significantly reduces the risk of passkey theft from software-based attacks. This hardware-level security makes the Secure Enclave one of the most secure options for passkey storage on macOS.
Trusted by Major Platforms: Both Apple’s iCloud Keychain and Google’s Chrome Profile have chosen the Secure Enclave for storing passkeys, underscoring its reliability and security.
In summary, if you're using built-in tools like iCloud Keychain or Chrome Profile, your passkeys are stored in the Secure Enclave on macOS. If you’re using a third-party password manager, they will be stored within that application’s own secure environment.
Enjoyed this read?
🤝 Join our Passkeys Community
Share passkeys implementation tips and get support to free the world from passwords.
🚀 Subscribe to Substack
Get the latest news, strategies, and insights about passkeys sent straight to your inbox.
We provide UI components, SDKs and guides to help you add passkeys to your app in <1 hour
Start for free