We’re excited to announce that Okta now supports passkeys, a revolutionary new way to log in that is both more secure and easier than ever before.
For decades, the password has been the gatekeeper of our digital lives, but it’s a broken security model. Passwords are the weakest link in the security chain, prone to human error and vulnerable to phishing, credential stuffing, and brute force attacks. Even with an SMS or email one-time passcode, a determined attacker can still compromise an account.
That’s why here at Okta, we’re embracing passkeys.
What are passkeys?
Passkeys are the next-generation standard for passwordless authentication, built on the WebAuthn standard. Instead of a password, they use a unique cryptographic key pair for each user account.
- Your private key is stored securely on your device (e.g., your smartphone) and never leaves it.
- Your public key is stored on the website’s server.
When you log in, your device uses its private key to prove ownership to the website without ever transmitting the key itself. This is triggered by a simple, familiar gesture like a fingerprint scan, facial recognition, or your device’s PIN.
Why you should use passkeys today
Passkeys offer a powerful combination of enhanced security and a superior user experience.
- Phishing resistant: Because a passkey is cryptographically bound to a specific website’s domain, it cannot be used on a fake or malicious site.
- Simple and fast: Logins with passkeys are dramatically faster than passwords. FidoAlliance reports that logins are 20% faster on average.
- Cross-device syncing: With secure credential managers (like iCloud Keychain and Google Password Manager), passkeys sync automatically across a user's devices.
- No password to steal: Passkeys are not passwords, so they cannot be stolen in a data breach, phished, or brute-forced.
Why passkeys are the best option for Okta customers
Passkeys are the perfect tool to help Okta customers accelerate their passwordless journey because they’re:
- Phishing-resistant by design: This directly addresses the biggest modern security threat.
- Simple and secure: The user experience is so frictionless that it encourages adoption, while the underlying technology provides the strongest security available.
- A holistic solution: Passkeys can be used for consumer and workforce identity, across native apps and websites, making them a universal solution.
By embracing passkeys, you can deliver a superior user experience, reduce IT support costs, and help build a more secure, resilient identity foundation for the future. To get started today, all you need is Okta’s MFA or AMFA SKU.
Don't wait. Start your passwordless journey today with Okta.
Learn more about passkeys with Okta.
