Slowly but surely, some platforms are embracing passkeys to provide an easy and more secure login alternative to passwords. The latest notable company to enable passkeys is X (formerly Twitter), though only for US-based users on iOS for now.
When you set up passkeys for an account, your device generates one public key and one private key. The private key stays on your device, while the shared public key is stored on the platform you want to sign into (in this case, X). Once you’re all set up, you can choose a passkey option instead of a password to log in to an X account. Your device will authenticate your identity using the public key. The same passkey will work across all devices that are signed into the same iCloud account.
Logging into a supported account is akin to unlocking your phone — you’ll simply use a PIN, fingerprint or face scan for authentication. You wont need to remember any passkeys and they’re broadly secure. For one thing, passkeys make phishing attacks far more difficult to pull off.
Today we’re excited to launch Passkeys as a login option for our US-based users on iOS!
A passkey is a new, easy to use, and secure way to log in to your account - all from your device. Passkeys are more secure than traditional passwords since they’re individually generated by…
— Safety (@Safety) January 23, 2024
To set up a passkey in X, log into the iOS app with the account you’d like to use it on. Navigate to Your account > Settings and privacy > Security and account access > Security > Additional password protection. In this menu, select Passkey. You’ll then need to enter your password and follow the prompts.
If you change your mind and wish to delete your passkey, follow the same steps. After you enter your password, you’ll see the option to Delete a passkey.
X says it won’t require users to sign up for passkeys, but it’s not a bad idea to do so if you find other multi-factor authentication methods (such as inputting a code from an authenticator app cumbersome). Passkeys also effectively nullify X’s SMS-based two-factor authentication method, which the company has paywalled behind X Premium.