Passkeys are Generally Available

We’re excited to announce passkeys are now Generally Available in the Okta Customer Identity Cloud to help businesses drive greater sign-up and sign-in conversion without compromising end-user security. 

Pioneered by the FIDO Alliance, passkeys are a password replacement that enable faster, easier, and more secure authentication experiences for consumers. They simplify account creation and login to a familiar device unlock mechanism using biometrics, a PIN, or a pattern.  

This release builds off our existing Early Access implementation but makes it easier for larger enterprises with a custom database to adopt passkeys and reduce their customers’ reliance on passwords. We’ve also improved the developer experience by expanding our SDK support.

Passkeys will remain available to all customers on all plans at no additional cost to help drive our industry towards a passwordless future. 

A refresher on why passkeys matter 

It’s 2024, Taylor Swift was just named Time Person of the Year, and passwords still suck. 

Though they’re what we’ve come to expect from the login box, passwords are not an ideal solution for today’s digital landscape. From a security perspective, passwords are phishable, stuffable, and snoopable. These weak characteristics and poor password hygiene are why 83% of data breaches are due to stolen credentials. And, financially, security breaches are costly. IBM found that the average breach in 2023 cost 4.45 million USD and is projected to increase. 

But, for consumer businesses, security isn’t the only consideration when building digital experiences. We live in a convenience economy where consumer expectations are higher than ever, and passwords are a common point of friction that negatively impact conversion rates. For example, a study by the FIDO Alliance found that over 50% of consumers will abandon a shopping cart purchase due to forgotten passwords. 

• More on why Andrew Shikiar, Executive Director and CMO of the FIDO Alliance, says, "Passwords are a drag on the top and bottom line,” on the Mistaken Identity podcast. 

Passkeys are faster, easier, and more secure 

Passkeys have garnered widespread interest from the industry, with companies like Amazon, TikTok, and Google rolling them out to their millions of users. 

The reason: They strike a balance between security and usability. 

A key trait of passkeys is that they’re phishing resistant. Unlike passwords, no shared secret can be exposed or stolen, making them significantly more secure for you, your company, and your customers. 

• See what our CISO of Customer Identity, Jameeka Aaron Green, says about the importance of phishing-resistant factors like passkeys on the Okta blog.

While the security benefits of passkeys are exciting to those of us in the industry, consumers will appreciate their convenience. Looking at metrics such as time to sign in, time to sign up, and sign-in success rate, passkeys are objectively faster and easier to use than passwords. 

• The FIDO Alliance found that passkeys result in a 25% increase in sign-in success rate and a 75% reduction in time to sign in compared to passwords 
• Our own internal testing found that passkeys were 83% faster for sign-in and 55% faster for account creation than passwords 
• Data from Google shows that users have a 4x higher sign-in success rate with passkeys than with passwords 

By removing the sign-up and sign-in friction posed by passwords, passkeys help businesses increase customer acquisition, retention, and loyalty.

What customers have to say about passkeys

Since our initial announcement, we’ve seen significant adoption of passkeys in our platform.

Here’s what some of our customers are saying:

“Using passkeys in our login flows means finally having a more secure login than passwords offer while still being user friendly.” — Jan Hermans, CEO of Intellifin 

“There’s a huge benefit of phishing protection for our customers with passkeys. And we see more sign-ups due to the ease of use.” — Jure Cerjak, Senior Engineer at Equito 

“Passkeys offer a number of positive impacts for our customers: faster login, no need to remember unique and secure passwords per site, no delays with MFA … the list goes on.”

— Michael Jefferson, Solutions Architect at Paychex

There’s a clear demand from businesses to invest in solutions that simultaneously reduce login friction and ensure end-user security. With the Okta Customer Identity Cloud, passkeys can be enabled with the flip of a switch and are one of many ways businesses can turn their login box into a differentiator for their brand. 

Ready to try out passkeys in your application? Check out this implementation post.

Additional Resources 

Passkeys 101
Passkeys Primer
Documentation
Press Release

These materials and any recommendations within are not legal, privacy, security, compliance, or business advice. These materials are intended for general informational purposes only and may not reflect the most current security, privacy, and legal developments nor all relevant issues. You are responsible for obtaining legal, security, privacy, compliance, or business advice from your own lawyer or other professional advisor and should not rely on the recommendations herein. Okta is not liable to you for any loss or damages that may result from your implementation of any recommendations in these materials. Okta makes no representations, warranties, or other assurances regarding the content of these materials.  Information regarding Okta's contractual assurances to its customers can be found at okta.com/agreements.