f in x
Passkeys Have Not Yet Killed Passwords Despite Over 15 Billion Compatible Accounts
> cd .. / HUB_EDITORIALE
News

Passkeys Have Not Yet Killed Passwords Despite Over 15 Billion Compatible Accounts

[2026-07-10] Author: Meteora Web Redazione
Zenithby Meteora Web The operating system for your business. Social, clients, bookings and invoices in one platform. Gyms, barbers, professionals. Discover Zenith Free demo · no card

For years, bullish supporters have heralded passkeys as the future of sign-on, while traditional passwords are seen as a relic of the past. Yet in daily practice, many users still type passwords countless times a week. Despite impressive adoption — over 15 billion accounts now support passkeys, according to the FIDO Alliance — their usage remains far from universal. Google reports that its own passkeys have authenticated users over a billion times across more than 400 million accounts. At WWDC 2025, Apple introduced a new account creation tool that lets apps sign you up with a passkey from the start, so no password is ever required. Microsoft went further by making new accounts passwordless by default. However, passwords are still very much alive.

How passkeys work explains why they are more secure

A passkey consists of two cryptographic keys: a private key that never leaves the user's device and a public key stored on the website being accessed. When signing in, the device proves it holds the private key without ever sending data a cybercriminal could intercept, making passkeys immune to phishing. On Apple devices, Face ID or Touch ID handle verification while the private key resides in the Secure Enclave. If you use multiple devices, iCloud Keychain syncs the private keys across iPhone, iPad, and Mac, all within Secure Enclave-protected boundaries.

Sponsored Protocol

Corporate resistance to passkey adoption slows the transition

Despite the benefits, many companies are reluctant to abandon passwords. A new website recently appeared to shame popular services that still don't offer passkeys, including Instagram, Spotify, and Netflix. The main reason for resistance is account recovery. FIDO2, the standard passkey protocol, has no built-in recovery flow. If a user loses all devices holding their passkeys, the fallback is an email reset link — exactly the weak point passkeys were meant to eliminate. Consequently, many SaaS companies keep the old password field on the login screen as a backup.

Sponsored Protocol

Portability and interoperability remain open challenges

Portability is another hurdle. Since passkeys live in iCloud Keychain, Google Password Manager, different browsers, and so on, those vaults do not communicate and cannot hand credentials to each other. Switching ecosystems can therefore turn passwordless into lock-in. Apple made a significant move with iOS 26 by introducing cross-platform passkey import and export, a notable shift from its previously closed Keychain ecosystem. However, until the Credential Exchange Protocol works seamlessly across all platforms, the transition will remain bumpy.

Sponsored Protocol

The future of passkeys is promising but still distant

The cryptography behind passkeys is sound and offers superior phishing resistance. Yet the real problem is not technical but operational: recovery must be reliable, portability seamless, and websites must actually remove the password field. Apple is ahead of most with the smoothest ecosystem experience and shipped export support before Google. But until these gaps are closed, passwords will not disappear anytime soon. For more on related security topics, check out our article on MQTT for IoT. For a general overview of passkeys, see the Wikipedia page.

Source: https://9to5mac.com/2026/07/10/security-bite-passkeys-were-supposed-to-have-killed-the-password-by-now

Meteora Web Redazione

> AUTHOR_EXTRACTED

Meteora Web Redazione

La redazione di Meteora Web Agency: ingegneri informatici e professionisti del digitale che pubblicano ogni giorno news e approfondimenti su tecnologia, software, marketing e innovazione.
[ Read Full Dossier ]

> METEORA_WEB // DIGITAL AGENCY

We build the digital presence your business deserves.

Websites, social media, online advertising, e-commerce and high-performance hosting, engineered with method by computer engineers in Sciacca, for all of Italy.

> MW_JOURNAL

> READ_ALL()