Passkeys

Passwords are typically the first line of defense in our digital lives but are at risk of being phished or leaked in data breaches.

To address these security threats in a simpler and more convenient way, Internet users need to move towards passwordless authentication. This is where passkeys come in. Passkeys are a significantly safer replacement for passwords and other phishable authentication factors. They cannot be reused, don't leak in server breaches, and protect users from phishing attacks. Passkeys are built on industry standards, can work across different operating systems and browser ecosystems, and can be used with both websites and apps.

Apple writes about passkeys that they're "a replacement for passwords that are designed to provide websites and apps a passwordless sign-in experience that is both more convenient and more secure".

We encourage NFID be used with passkeys since they offer incredibly strong security and convenience for you, and we encourage you register them on multiple devices in case one is lost.

Starting on a desktop computer

  1. Click on the "iPhone, iPad, or Android device" button to display a QR code.
  2. Scan the code with your personal phone or tablet, and follow the prompts to create your NFID.
  3. When your NFID is created and if your computer supports a biometric unlock, you'll have the option to create a passkey for fast, secure authentication.

Starting on a mobile device

Click on the "Continue with enhanced security" button to prompt the biometric device unlock, and follow the prompts to complete your registration.

The biometric prompts that appear will be different depending on the device you're on (desktop, tablet, or mobile) and the browser you're using (Chrome, Safari, Firefox, Edge, or Brave).

Registering a mobile device from a registered desktop

We do not yet have the ability for you to easily register a mobile device if your desktop is already registered, but you have other options in the meantime:

  • If you've used Google, you can sign in with Google on mobile
  • If you've used MetaMask, Internet Identity, or another Web3 wallet, you can sign in with them on mobile
  • If you've created a recovery method like a security key or recovery phrase, you can use them on mobile

Don't have devices with biometric unlocks?

If your device doesn't have the biometric unlock feature, you'll be offered to register a security key. We recommend you set one up as one way to recover your NFID.

Edit this page on GitHub Updated at Wed, Mar 8, 2023
Internet Identity Overview