How to Create and Use Passkeys for Secure Login

What Are Passkeys?

Passkeys represent a modern authentication method, now supported by many platforms, that allows you to log in without entering a password or verification codes. They offer a highly secure way to protect your account by leveraging advanced cryptographic techniques.

Once you enable the passkey feature, at least one passkey must always remain linked to your account. You can reset your current passkey or add a new one before removing any you no longer wish to keep.

How to Create a Passkey

The verification methods for passkeys may vary depending on the platform or service you use. A passkey can be created using your phone's biometric data—such as fingerprint unlock or facial recognition—a USB security key, or another device like a secondary phone. Always follow the instructions provided during the setup process.

Prerequisites

Before creating a passkey, ensure you have at least one of the following:

• A mobile device running iOS 16.0.0 or later, or Android 7.0 or later.
• A USB security key compatible with the FIDO2 protocol.

Step-by-Step Creation Guide

1. Open your application, navigate to the menu, and select Profile and Settings.
2. Under the User Center, find Security and enter the Security Center.
3. Select the Passkeys option.
4. Choose Enable and complete the required security verification.
5. To create the passkey on your current device, select Continue and complete the biometric or PIN authentication.

6. To use a different device, select Other Options:

   • Choose iPhone, iPad, or Android Device to generate a passkey on another mobile device. Scan the QR code with that device to complete authentication.
   • Select Security Key (available only on iOS devices) to use an external security key. Insert the key and follow the prompts.

👉 Explore more secure login methods

Verifying with a Passkey

After enabling passkeys, you can use them for verification during login.

Using Your Current Device

• You will be prompted to use your passkey for login verification automatically.

Using Another Device

1. When asked to log in, select Other Login Options.
2. Choose iPhone, iPad, or Android Device and tap Continue to generate a QR code.
3. Use your other device to scan the QR code and complete authentication.

Managing Your Passkeys

Renaming a Passkey

To rename a passkey for easier identification:

• Go to Menu > Profile and Settings > Security > Security Center > Passkeys.
• Select the edit icon next to the passkey and enter a new name.

Resetting or Deleting Passkeys

For security reasons, resetting or deleting a passkey may trigger a 24-hour restriction on withdrawals and P2P trading:

• Resetting a passkey applies the restriction automatically.
• Deleting a passkey without using another for verification (e.g., relying on 2FA or facial recognition instead) also applies the 24-hour hold.

How to Reset a Passkey

If only one passkey is linked to your account, you will see only the Reset option. This ensures at least one passkey remains active at all times. Resetting replaces the current passkey with a new one.

1. Navigate to Menu > Profile and Settings > Security > Security Center > Passkeys.
2. Select the passkey to reset and complete verification.
3. If additional verification is required, the process may take up to 24 hours. You will receive a notification upon completion.

How to Delete a Passkey

You can delete a passkey only if you have more than one configured. If your account has 10 passkeys, you must delete one before adding a new.

1. Select the passkey you want to delete.
2. Complete the verification process to confirm.

Note: Deleting passkeys can reduce your account security level. Evaluate the risks carefully before proceeding.

Frequently Asked Questions

Q: What happens if I lose my device with the passkey?
A: If you lose your device, you can use another registered passkey or authentication method to access your account. You can also reset or remove the lost passkey from the security settings using alternative verification.

Q: Can I use passkeys on multiple devices?
A: Yes, you can create and register passkeys on multiple devices. This allows you to authenticate from any trusted device without relying on a single phone or key.

Q: Are passkeys more secure than traditional passwords?
A: Absolutely. Passkeys use public-key cryptography and are resistant to phishing and brute-force attacks. They also eliminate the risk of password reuse across platforms.

Q: What if the biometric authentication fails on my device?
A: If biometrics fail, you can use your device's PIN or password as a fallback. For external security keys, ensure they are properly connected and functional.

Q: Can I use passkeys without an internet connection?
A: Passkeys require an internet connection for initial setup and authentication. However, the cryptographic operations occur locally on your device for enhanced security.

Q: How do I update my passkey if I get a new phone?
A: You can add a new passkey from your new device and then remove the old one from the security settings. Ensure you have at least one active passkey throughout the process.

👉 Get advanced security strategies