What is a passkey?

Passkey is a way to log in without a password.

Typically, a passkey is a smart device that you have — It could be your desktop computer, your laptop computer, your tablet or mobile phone, etc. Those device can even enables you to use your fingerprint, your face, or a physically hardware key that you have (such as a Yubikey) as a method of authentication.

MyRichmond will remember your device, and use it as a “key” for your account. A lot of security happens behind the scenes, but the main benefit of passkeys is that they can’t be stolen like passwords.

Passkey is a password replacement that’s more secure and easier to use. Passkeys are better than passwords because passkeys can’t be phished or stolen. They’re easy to set up and use, and you don’t need to memorize additional password, which adds both security and convenience.

The “key” device would still requires some form of user verification. This could be through entering a password or PIN or using biometrics (such as Face ID or Touch ID) — Even if attackers know the password or PIN of your device, since they do not physically have your device, they would not be able to login to MyRichmond.

Your passkeys are stored securely in a vault on your device, such as your device’s keychain or your password manager. Since passkeys can sync across devices, they’re seamless and convenient to use.

For more information on what passkeys are, please watch the following video from Microsoft: