What are passkeys?
Passwords have been with us for decades - and are also a constant source of irritation. They are forgotten, written down, chosen too simply or used multiple times. This not only leads to frustration among employees, but also to real security risks. This is exactly where Passkeys come in: a modern login method based on biometric data or security tokens - and makes the classic password superfluous.
Passkeys use, for example, fingerprints, facial recognition or a physical device such as a USB security key to confirm the user's identity. Access is immediate, without having to type anything in - secure, convenient and fast.
This is particularly practical in day-to-day business: the notebook is unlocked with a finger in the home office, the CRM tool in the office recognizes the face - and a small security token is all that is needed to log into the cloud system. The technology works on all common platforms: Windows, macOS, iOS, Android - and is already supported by many well-known services such as Microsoft, Google and Apple.
The biggest difference to passwords is that passkeys cannot be guessed, leaked or stolen via phishing. The data remains on the device and the login only works with physical access - an enormous security gain.
SAVE TIME
No more password stress
In everyday life, logging in with a fingerprint or facial recognition saves a lot of time - and nerves. Especially when changing workstations, hybrid meetings or on the go with a notebook, it becomes clear that if you can't log in, you lose valuable minutes. Passkeys make access seamless.
GAIN SECURITY
Increased security
Weak passwords, repeatedly used access data or insecure notes are a thing of the past. Passkeys make it much more difficult for attackers to gain access - and increase security in the company without overburdening users.
SIMPLY MANAGE
Reduced IT workload
No password resets, no forgotten logins, fewer tickets. IT departments benefit from a more stable infrastructure, less support effort and simpler onboarding processes - especially if several tools are connected via central authentication.
The solution is with CANCOM.
Whether a business laptop with fingerprint scanner, webcam with facial recognition or certified USB security key: In our online store, you will find a selection of devices that immediately support passkeys. This creates the basis for secure, password-free workplaces in your company.
Discover the latest devices with passkey support
Discover the latest devices with passkey support
How do passkeys work?
While traditional passwords consist of strings of characters that have to be created by the user and entered manually each time they log in, a passkey works completely differently - and much more elegantly. Technically speaking, it is an asymmetric key pair: a private and a public key.
The private key is stored securely on the respective device - for example, the company laptop or smartphone. It never leaves the device. The public key, on the other hand, is transmitted to the service provider when the passkey is created, for example a web application or a cloud login.
During the login process, the service sends a request: Is the user who is trying to log in actually authorized? The device responds by using the private key to create a cryptographic signature, which the service checks with the public key. Access is only granted if everything matches. A password is not transmitted - and therefore cannot be intercepted or guessed.
The login itself is convenient: either by fingerprint scanner, facial recognition, device PIN or with a FIDO2-compatible USB security key. The underlying technology is based on open standards such as FIDO2 and WebAuthn, which means that many operating systems and browsers are already compatible.
The private key is stored securely on the respective device - for example, the company laptop or smartphone.
The result: less effort, greater security - and a modern user experience that meets the requirements of contemporary corporate IT.
Passkeys: Frequently asked questions (FAQs)
What are passkeys?
- Passkeys are a new method of digital identification - without the need for a traditional password. Instead of memorizing character strings, passkeys use a key pair consisting of a private and public key. The private key remains securely stored on the device, while the public key is transmitted to the website or service.
- The special feature: The passkey can only be used from the correct device - for example by fingerprint, facial recognition or PIN. This makes phishing, data leaks or brute force attacks practically ineffective.
What do I need to use Passkeys?
- A service or website that supports passkeys (e.g. Google, Microsoft, ...)
- A device with biometric authentication (Face ID, fingerprint, Windows Hello)
- An account with a provider with a synchronization option (e.g. Apple iCloud, Google Account)
Are passkeys really more secure than passwords?
- Yes - because they are based on modern public key cryptography. The private key never leaves the device, cannot be intercepted and is unusable without biometric approval.
What is the difference to password managers?
- Password managers help to store passwords securely and use them automatically. However, they are still based on the classic principle: a “secret” (the password) is stored and transmitted repeatedly.
- Passkeys, on the other hand, do not transmit a secret - they use asymmetric cryptography. This makes them more resistant to phishing and completely independent of password quality. In addition, there is no need to remember passwords or change them regularly.
What happens if devices are lost?
- As long as passkeys are synchronized via a secure cloud, a new device can access the same login data - protected by re-authentication.
Can multiple devices use Passkeys?
- Yes - e.g. smartphone, notebook and tablet. The prerequisite is that they are all connected to the same user account (e.g. iCloud or Google account).
Does this also work in companies with Windows logins?
- Yes - Windows Hello supports passkeys and can be integrated into modern identity and single sign-on systems.
Are there any disadvantages?
- The most important point is that not all services support passkeys. Companies also have to make their systems compatible first. In addition, cross-device use is currently mostly tied to specific ecosystems (e.g. Apple, Google).
- This is a challenge for companies with BYOD strategies (Bring Your Own Device) and heterogeneous system landscapes.