LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

What exactly is a "passkey," and how does it relate to WebAuthn and FIDO2?

A passkey is the consumer-friendly name for a FIDO2/WebAuthn credential — a per-account public/private key pair generated and stored by your device, used to log in by signing a challenge instead of typing a password.

"Passkey" is the marketing term Apple, Google, Microsoft and the FIDO Alliance adopted for the credentials that the WebAuthn API creates. Under the hood it is exactly the WebAuthn/FIDO2 mechanism described above:

  • The device (or a security key, or a password manager) generates a key pair per account.
  • Only the public key is registered with the web service; the private key stays on the device.
  • Login works by the service sending a random challenge, the device signing it with the private key, and the service verifying the signature with the stored public key.

Per the c't reporting (mid-2023), passkeys were already usable at services like Adobe, GitHub, Google and Microsoft.

Tip: "Passkey" = the brand; "WebAuthn" = the browser API; "FIDO2" = the underlying standard family. Same technology, three names for three audiences.

Go deeper:

  • doc FIDO Alliance: Passkeys — the standards body's own definition of passkeys and how they relate to FIDO2/WebAuthn.

From Quiz: INTROL / Web Authentication: Cookies, OAuth 2.0 / OIDC & WebAuthn | Updated: Jul 05, 2026