mathisworks/Getty Images

You probably have a lot of passwords in your life. 

Even with the help of password managers, passwords are becoming moreandmore of a burden for most people.

Also: 5 quick tips to strengthen your Android phone security today

Long gone are the days of being able to use and reuse rubbish passwords like p455w0rd123. Now all of your online accounts need to be protected by passwords that are both complex and unique.

And you've got to be ever vigilant in case one of your many passwords is compromised.

There's got to be a better solution. And there is.

Passkeys.

What are passkeys?

Passkeys are an authentication method for websites and apps that was first popularized by Apple back in June 2022 when the company added support for passkeys (yes, it's a common noun so it is written lowercase) in iOS and MacOS. However, it's not an Apple technology. It's a standard that's promoted by Google, Apple, Microsoft, the World Wide Web Consortium, and the FIDO Alliance.

Also: The best VPN services: Expert tested and reviewed

As for how it works, passkeys are cryptographic keys and each passkey consists of two keys, a public key that's registered with the online service or app, and a private key that's stored on a device such as a smartphone or a computer.

That all sounds complicated, but passkeys have been designed to be easy to use. In fact, to log in with a passkey you'll be using your face, a fingerprint, or a PIN in much the same way that you unlock your smartphone.

Passkeys in action

Adrian Kingsley-Hughes/

See? No passwords in sight. Nothing that needs to be remembered, and nothing to accidentally hand over to a hacker.

Passkeys can also get around the issue of having to synchronize passwords between your devices.

Also: 6 simple cybersecurity rules to live by

Say you normally log into your Google account using a smartphone, but you want to log in using a laptop. This is no problem even if the passkey isn't synchronized with the laptop, as long as the smartphone is within Bluetooth range of the laptop and the user approves the login.

What's even cooler is that the passkey isn't transferred between the smartphone and laptop, but instead after confirming the login the user will get the opportunity to create a passkey on the laptop.

Isn't logging into a website or app with your fingerprint or face risky?

No.

No biometric information is sent to the website or app that you are accessing; instead, this biometric information is only used to unlock the passkey on your device.

The biometric information never leaves the device.

What do I need to use passkeys?

Here are the system requirements for passkeys:

• A system running at least Windows 10, MacOS Ventura, or ChromeOS 109
• A smartphone or tablet running at least iOS 16, iPadOS 16, or Android 9
• Optional: a hardware security key with FIDO2 protocol support

Your computer or mobile device you will be using will also need a supported browser such as:

• Chrome 109 or greater
• Safari 16 or greater
• Edge 109 or greater

The major tech players -- Apple, Google, and Microsoft -- all have more information specific to how to use passkeys on their platforms.

Which websites support passkeys?

You can find a list of websites that support passkeys over on passkeys.io.

Some well-known websites and apps that support the technology include Adobe, Amazon, Google, PayPal, TikTok, Nintendo, and GitHub. Recently we've seen eBay and Uber both adding support for passkeys.

Passkeys are growing in popularity, and fast.

Has Google made passkeys the default login option for all personal accounts?

Yes. 

Google is now asking users to create a passkey and to begin using that passkey as their default login. The benefit: Using a passkey to log into your account is about 40 percent faster and a lot more secure than using passwords. Considering Google's reach, not only will this help spread the word about passkeys, but Google's move also will encourage other online services to do the same. 

In fact, Google is clear that its plan is to make "passwords a rarity, and eventually obsolete."

Not ready to use a passkey for Google yet? You can skip this option and continue to log into your account the old way. 

Do apps support passkeys or do I have to visit the website using the browser? What about iOS vs. Android?

It shouldn't matter (I can't speak for all apps). Passkeys should work whether you use a service using a browser or the app.

But the experience might not be universal. For example, Amazon has just rolled out support for passkeys, but support in the app is currently only available for iOS users. These are early days for passkeys, and soon we can expect accross the bard support.  

How can I get a feel for how passkeys work?

If you're not yet ready to take the plunge and start using passkeys, the best way to experiment with how they work is to use the demo over on passkeys.io. It will guide you through the process of setting up a passkey and using it to log into a site.

Using passkeys.io

Adrian Kingsley-Hughes/

If you're ready to take the plunge, a great place to start is by securing your Google Account with one. Not only has Google made the process easy, but there's also extensive documentation available.

Are passwords dead?

Unfortunately, we're a long, long, long way away from this. Passkeys, much like hardware security keys, offer a way for you to harden accounts and online services that support the feature.

Also: Why you can still trust (other) password managers, even after that LastPass mess

You're going to be needing passwords and password managers for a long time.

Do any password managers support passkeys?

Yes.

Two that I've tried areDashlane and 1Password . 

Security

8 habits of highly secure remote workersHow to find and remove spyware from your phoneThe best VPN services: How do the top 5 compare?How to find out if you are involved in a data breach -- and what to do next

• 8 habits of highly secure remote workers
• How to find and remove spyware from your phone
• The best VPN services: How do the top 5 compare?
• How to find out if you are involved in a data breach -- and what to do next