World Passkey Day: The State of Passkeys in 2025

For decades, passwords have been the gatekeepers of our digital lives, despite their well-known shortcomings. Today, as we celebrate World Passkey Day 2025, we're witnessing a significant shift in how we secure our online identities.

The tech industry has rallied behind passkeys as the solution to our password problems, and for good reason. This modern authentication method is not just more secure but also delivers a smoother, faster experience for users across devices and platforms. Let’s look at how passkeys are transforming our online experience and where they stand in 2025.

‍

What's Driving the Passkey Revolution?

Passkeys are exploding in popularity because, well, passwords are terrible. Bitwarden reported a 550% jump in daily passkey creation last year, with people creating over a million new passkeys in just the last quarter of 2024. Passkeys have quickly become a mainstream solution that makes our lives easier.

What's behind this surge? For one thing, the tech world's biggest rivals, Apple, Google, and Microsoft, have actually agreed on something. They have built passkey support directly into their systems, making them available on virtually all modern devices.

But the real driving force is much simpler: we're all drowning in passwords. They're a pain to create, impossible to remember, and not even that secure. Passkeys flip the script; they're faster, more secure, and you never have to remember a thing.

‍

Some Key Highlights

Passkeys are taking off:

• Over 15 billion online accounts can now use passkeys
• Bitwarden reported a 550% jump in daily passkey creation in late 2024
• 57% of consumers are now familiar with passkeys (up from 39% in 2022)

Major platforms report significant user uptake:

• Google: Over 800 million accounts using passkeys
• Amazon: 175 million users created passkeys in the first year
• Microsoft: Expanded passkey support to Xbox, Microsoft 365, and Copilot in 2024

What's driving this success? People are discovering that passkeys are:

• Faster: Amazon users log in 6x faster with passkeys, TikTok users 17x faster
• More reliable: Microsoft reports a 98% sign-in success rate (versus just 32% for passwords)
• Safer: CVS Health saw a 98% drop in account takeover fraud after implementing passkeys

‍

Real-World Success Stories

Passkeys aren't just for tech giants anymore. They're working well across many industries:

Banking and Finance: ABANCA reports 42% of mobile banking customers now authorize transactions using passkeys, while digital banks like Revolut and Ubank have fully embraced passkey login.

Travel: Air New Zealand saw 50% reduction in login abandonment after implementing passkeys

Government Services: Australia's MyGov platform saw over 20,000 users set up passkeys in just the first week after launch.

E-Commerce: KAYAK found two-thirds of new users opt for passkeys, cutting sign-up and sign-in times by 50%.

Social Media: X (formerly Twitter) doubled its successful login rate after introducing passkeys. TikTok users are experiencing login speeds 17x faster with passkeys.

Gaming: Sony PlayStation implemented passkeys globally, resulting in 24% faster web logins and an 88% enrollment rate.

These aren't just tech experiments, they're large-scale deployments showing real benefits. When organizations switch to passkeys, they see fewer account takeovers, reduced support calls for password resets, and happier users.

At Authsignal, our own data reveals the growing dominance of passkeys in real-world authentication scenarios. Based on a sample of one million transactions in 2025, passkeys now account for 62% of all authentication challenges, compared to just 33% for SMS and a smaller percentage for other methods like authenticator apps and email OTPs. When looking specifically at autofill capabilities, passkey autofill makes up 65% of all authentication challenges – a clear indication that users prefer the seamless experience passkeys provide.

‍

What Makes Passkeys Better?

Passkeys use your phone or computer's built-in security (like fingerprint sensors or face recognition) to prove it's really you. Unlike passwords, passkeys:

• Can't be phished (they only work on legitimate websites)
• Don't need to be memorized or typed in
• Are unique for each website (no more password reuse)
• Sync across your devices through services like iCloud Keychain or Google Password Manager

Recent technical improvements have made passkeys even better. Apple, Google, and Microsoft now allow automatic syncing across devices, and new standards are being developed to let you easily move your passkeys between different password managers.

‍

Technological Developments

The technology behind passkeys continues to improve. Recent updates include:

• Automatic passkey upgrades: Sites can now seamlessly convert your existing password account to a passkey account when you login, eliminating extra steps.
• Better management tools: Apple's new dedicated Passwords app in iOS 18 helps users organize both passwords and passkeys in one place.
• Cross-device capabilities: Use your phone's passkey to log into a website on your laptop with a simple QR code scan.
• Portability standards: The FIDO Alliance has published draft specifications for the Credential Exchange Protocol (CXP) and Credential Exchange Format (CXF), which will allow you to securely transfer your passkeys between different password managers.
• WebAuthn Signal API: This new technology will refine how passkeys are managed and displayed across different devices, making the experience more streamlined and reducing confusion.
• Hardware security keys: For users with heightened security needs, physical FIDO2 keys provide an even stronger level of protection, with the private key never leaving the device.

These improvements address many of the early concerns about passkeys and make them more practical for everyday use.

‍

Current Challenges

Despite impressive progress, there are still several obstacles:

• User adoption requires changing deeply ingrained password habits
• Technical implementation can be complex for service providers
• Account recovery mechanisms need to be seamless and reliable
• Inconsistent terminology across platforms can confuse users

‍

Why Passkeys Matter More Than Ever

For phishing attacks (many now powered by AI), traditional passwords are more vulnerable than ever. Passkeys are phishing-resistant by design. When you use a passkey, it's tied to the specific website you're visiting, making it impossible for scammers to trick you into using it on a fake site.

This security benefit hasn't gone unnoticed. The US National Institute of Standards and Technology (NIST) has updated its guidelines for 2025, mandating phishing-resistant multi-factor authentication (including standards like WebAuthn and FIDO2) for all federal agencies. This official endorsement clears the way for government agencies and regulated industries to adopt passkeys.

Beyond security, the cost savings are compelling. Organizations report significant reductions in help desk calls for password resets, lower fraud rates, and reduced expenses from SMS-based authentication methods. These tangible financial benefits, combined with happier users, make passkeys an increasingly attractive investment.

‍

What's Next for Passkeys?

Looking ahead, experts predict passkeys will reach mainstream status as early as 2025. We're likely to see:

• Major banks will be embracing passkeys by the end of 2025, with significant breakthroughs in the banking, payments, and travel industries
• Windows-synced passkeys are being introduced in 2025, providing seamless recovery and synchronization for billions of users
• E-commerce sites are pushing passkeys to reduce cart abandonment due to forgotten passwords
• Passkeys for credit card confirmations are becoming common during online purchases
• Public sector adoption expanding across multiple countries
• More companies are fighting AI-driven phishing attacks with passkey authentication

By 2027, some experts predict that passkeys will become the dominant form of online authentication, surpassing both traditional passwords and conventional multi-factor authentication methods.

Microsoft's identity team summed it up well when they said they "hope passkeys replace passwords almost entirely (and we hope this happens soon)."

‍

Key Strategies for Successful Passkey Implementation

While the benefits of passkeys are clear, the approach to implementation can significantly impact adoption rates. Organizations looking to transition users to passkeys should consider these proven strategies:

• Strategic timing matters. Prompting users to set up passkeys immediately after a strong authentication event, like completing an OTP challenge, can significantly increase adoption rates. This moment of heightened security awareness creates a natural opportunity for introducing passkeys.
• Messaging influences adoption. Users are more inclined to embrace passkeys when the messaging highlights ease and speed rather than complex security benefits. Focusing on "faster logins" and "no more passwords to remember" resonates more effectively than technical security details.
• Native integration creates trust. Implementing passkeys using native platform APIs ensures a seamless and trustworthy user experience. When the authentication feels like a natural part of the operating system, users are more likely to trust and use it.
• Respect user choice. Forcing passkey adoption can lead to resistance. Offering passkey setup as an option, with the ability to re-prompt users at appropriate intervals, fosters trust and increases long-term adoption rates.
• Optimize for mobile experience. Our data shows that mobile app adoption significantly influences passkey usage. Ensuring a smooth experience on mobile devices with optimistic passkey autofill in both web and mobile interfaces drives higher conversion rates.
• Create a passkeys-first flow. Using operating system passkey detection functions, you can funnel users toward passkey authentication while maintaining traditional options as fallbacks for those without enrolled passkeys or who opt out of using them.

At AuthSignal, we've built these insights into our passkey implementation approach. Our platform enables the seamless transition to passkeys after strong authentication events, allows customized messaging that emphasizes speed and convenience, offers multiple integration pathways (from hosted UI components to full headless APIs), and supports an optional adoption approach that respects user preferences.

Want to see passkeys in action? Try our interactive passkey demo to experience the speed and simplicity firsthand. See how your users could benefit from a faster, more secure login experience without the hassle of passwords.

This World Passkey Day, let's prioritize user-friendly security that actually gets adopted, not just implemented.

‍

The Bottom Line

Passwords have been with us since the dawn of computing, but their days may finally be numbered. Passkeys offer something rare: both better security and a better user experience at the same time.

The numbers tell a compelling story:

• Over 15 billion online accounts are now capable of using passkeys
• Login speeds are dramatically faster (from 3x with Microsoft to 17x with TikTok)
• Security improvements are substantial (CVS Health saw a 98% drop in account takeovers)

This World Passkey Day, consider taking a small step toward a passwordless future. Next time a site offers you the option to set up a passkey, give it a try. You might be surprised at how much better logging in can be when you don't need to remember anything.

Contact us to learn how we can help you implement passkeys for your organization and join the passwordless revolution.