Passkeys are the “new black” in the world of authentication! Cameo has supported logging in with a passkey long before they were called passkeys1. Now, password managers and many websites are starting to support passkeys, which makes logins easier and safer.
Contents
Passkeys
A passkey offers password-less logins. Your password manager stores a digital key (properly called a private key) and your website stores a matching lock (the public key). When you want to log in, the website provides the public key back to the password manager, where it checks for a match.
Where possible, the platform’s physical security protects the passkey. On iPhone you’ll need to use Face ID or Touch ID (fingerprint), for example. On Macs that have a fingerprint reader, you’d use that. Third-party password managers usually let you decide whether you need this verification.
Passkeys are much less vulnerable to hackers than passwords because:
- the credentials are generated randomly for you,
- are much longer than passwords,
- can never be shared, and
- are not stored by websites (so cannot be leaked; you can’t get the private key if all you have is the public key).
Passkey support
Products that now support managing passkeys include:
- Apple’s password manager on iPhone, IPad (some support in version 16, better in 17) and recent Mac Safari, synchronised between them,
- Windows 11 Hello (in Windows 22H2 and later)
- Bitwarden password manager (free; recommended where you use both Windows and Apple or a browser other than Safari on Mac); synchronised everywhere you have installed it
- 1Password (similar to Bitwarden, but paid subscriptions only)
As well as Cameo, many big-name websites and apps allow you to login with a passkey, particularly:
We expect most significant websites to offer logins via passkey soon.
Both Apple and Windows let you use your phone’s passkeys to log in to a desktop website, by scanning a QR Code. However, this is still quite clumsy: once you have the QR Code you can authorise easily, but it takes quite a few clicks to display the code in the first place. However, it does mean you can still use the passkeys on your phone if you are on someone else’s computer. Cameo offers a more direct solution to use your phone for login, though.
Adding a passkey for Cameo login
Once logged in to Cameo with a password
- go to profile → profile and log out
- click the passkey button
- follow the instructions for your chosen provider
Log in to Cameo using a passkey
The first time, on the login page:
- click log in with biometric/passkey/physical key.
- enter your email address
- click the login with key button
- follow the instructions for your chosen provider
Cameo remembers your choice in that browser. After that, it automatically takes you to that login screen, with your email address already filled in. So all you have to do is click the button to authorise the passkey app to let you in.
For example, an iPhone with FaceID just needs to see your face to complete authorisation; or scan your fingerprint on a TouchID-enabled Mac.
- They originally went under the terrible name webauthn. Strictly speaking, passkeys are just one way of using webauthn, which also includes hardware keys such as Yubico, where the hardware stores the public key. But in practice, this is what they’ll all be called now. ↩︎