What are passkeys? The password replacement, and who still refuses to offer it

TechCrunch · 2 h ago
A finger touching a fingerprint sensor on a smartphone. Photo: Andrey Matveev / Pexels

A new website has begun naming and shaming the companies that still do not let their users sign in with passkeys, according to TechCrunch, putting fresh pressure on the slow shift away from passwords. The campaign is a useful prompt to step back and ask what passkeys actually are, and why security experts are so eager to see them widely adopted.

A passkey is a credential that replaces the traditional password with a pair of cryptographic keys. When a user creates one, their device generates a private key that never leaves the device and a public key that is stored by the service. Signing in proves possession of the private key without ever transmitting a secret that could be stolen.

That design addresses the central weakness of passwords, which is that they are shared secrets. A password has to be sent to a server to be checked, can be reused across sites, and can be guessed, leaked or phished. A passkey cannot be phished in the same way because there is no secret for a victim to hand over to a fake site.
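
The sign-in described in the two paragraphs above, as an added example (not code from TechCrunch or from any passkey implementation): a simplified Node.js model of the challenge-response exchange, in which the device signs the service's random challenge together with the site origin, as real passkeys do. The function names, the JSON message layout and the `.example` origins are assumptions made for illustration; the real WebAuthn message format carries more fields.

```javascript
const crypto = require('node:crypto');

// Registration: the device generates the key pair; the service stores only the public key.
function createPasskey() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return { device: { privateKey }, server: { publicKey } };
}

// Service side: a fresh random challenge for every sign-in attempt.
const newChallenge = () => crypto.randomBytes(32).toString('base64url');

// Device side: the browser, not the web page, supplies the origin it is really on,
// and the private key signs challenge and origin together.
function signIn(device, challenge, origin) {
  const clientData = JSON.stringify({ challenge, origin });
  return { clientData, signature: crypto.sign('sha256', Buffer.from(clientData), device.privateKey) };
}

// Service side: verify the signature, then the challenge and origin that were signed.
function verifySignIn(server, expected, response) {
  const data = Buffer.from(response.clientData);
  if (!crypto.verify('sha256', data, server.publicKey, response.signature)) return 'bad-signature';
  const { challenge, origin } = JSON.parse(response.clientData);
  if (challenge !== expected.challenge) return 'stale-challenge';
  if (origin !== expected.origin) return 'wrong-origin';
  return 'ok';
}

// Constructed scenario: one genuine sign-in, then three responses the service must reject.
function demo() {
  const origin = 'https://bank.example';      // constructed real site
  const fake = 'https://bank-login.example';  // constructed look-alike site
  const { device, server } = createPasskey();
  const c1 = newChallenge();
  const good = signIn(device, c1, origin);
  const legit = verifySignIn(server, { challenge: c1, origin }, good);
  const expected = { challenge: newChallenge(), origin };
  const phished = signIn(device, expected.challenge, fake); // signed while on the fake site
  const relayed = verifySignIn(server, expected, phished);
  const replayed = verifySignIn(server, expected, good);    // old response, new challenge
  const forged = { ...phished, clientData: phished.clientData.replace(fake, origin) };
  const tampered = verifySignIn(server, expected, forged);  // origin rewritten after signing
  return { legit, relayed, replayed, tampered };
}

console.log(demo());
```

Nothing the service stores or receives here can be replayed elsewhere: the public key only verifies, and each signature is valid for one challenge at one origin.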

In practice, using a passkey feels familiar. A user typically authenticates with the same fingerprint, face scan or device PIN they already use to unlock their phone or laptop. The cryptography happens invisibly in the background, which is part of the appeal: stronger security with less friction than typing a complex password.

Passkeys are built on open standards developed by an industry alliance, which means they are not tied to a single company. They can sync across a user's devices through a phone maker's or browser's ecosystem, so a passkey created on one device can be available on another without exposing the underlying private key.

The security benefits are significant. Because there is no reusable password to steal, the most common attacks (credential stuffing, phishing and database breaches that leak passwords) lose much of their power. For ordinary users, a passkey can turn account takeover from a realistic threat into a much harder one.

Despite these advantages, adoption has been uneven, which is what the new website highlights. Many major services have added passkey support, but others still rely solely on passwords or treat passkeys as an obscure option. The campaign aims to make that gap visible and to pressure laggards to catch up.

There are genuine reasons adoption has lagged. Retrofitting passkeys into existing account systems takes engineering effort, support teams must handle new recovery scenarios, and companies worry about confusing users mid-transition. None of these is trivial, but advocates argue they are solvable and overdue.

For users, the practical advice is straightforward: where a service offers passkeys, enabling one generally improves security with little downside, especially for important accounts like email and banking. Passwords will not vanish overnight, but each passkey reduces exposure to the most common attacks.

The broader significance, the TechCrunch report suggests, is momentum. By publicly tracking which companies have and have not made the switch, the new website turns a slow technical migration into a visible scoreboard, nudging the industry toward a future in which the password, finally, plays a smaller role.

This article is an AI-curated summary based on TechCrunch. The illustration is a stock photo by Andrey Matveev from Pexels.
