Device-bound Passkeys Page

But for the first time in decades, we have a tool that truly eliminates remote credential theft. Not reduces it. Eliminates it.

Yes, losing the device becomes a bigger deal. (Backup codes or a second hardware key solve that.) And yes, it’s slightly less convenient than cloud sync. device-bound passkeys

Device-bound passkeys are the seatbelt of the modern web: slightly less comfortable, but you’ll be glad you used them the day someone tries to break in. But for the first time in decades, we

That world is here. They’re called .

Imagine a world where "hacking your password" is impossible—not because your password is a 20-character monster of symbols you can’t remember, but because the key to your account literally never exists on a server to steal. Yes, losing the device becomes a bigger deal

You’ve probably heard of passkeys: the shiny new "password killer" from Apple, Google, and Microsoft. Most are synced passkeys—they float across your devices via the cloud. Convenient? Yes. But they share a subtle weakness: a sophisticated attacker who compromises your iCloud or Google account could potentially clone those keys from afar.

They are bound to that device by physics and cryptography.