Why were synced passkeys introduced & what are benefits?

Why Were Synced Passkeys Introduced?#

Synced passkeys, also known as multi-device passkeys, were introduced to solve some of the usability challenges associated with traditional device-bound passkeys. While device-bound passkeys offer strong security by restricting authentication to a single device, they come with significant drawbacks, such as lack of portability and potential account lockout if a device is lost or replaced.

To address these limitations, cloud-synced passkeys were developed, allowing passkeys to be stored and retrieved across multiple devices using secure cloud synchronization services like Apple iCloud Keychain, Google Password Manager, and other platform-specific solutions.

What Are the Benefits of Synced Passkeys?#

1. Seamless Multi-Device Authentication#

• Users can access their accounts from multiple devices without having to manually register a new passkey for each one.
• If a user signs in on a new device, their passkeys are automatically available, making authentication effortless.

2. No Risk of Losing Access#

• One of the biggest limitations of device-bound passkeys is that if the device is lost, the passkey is gone.
• With synced passkeys, credentials are backed up to the cloud, ensuring users can recover their authentication keys if they switch or lose their device.

3. Improved User Experience#

• Synced passkeys eliminate friction in authentication flows by removing the need for users to manually transfer or recreate credentials.
• This is especially beneficial in consumer-facing applications where ease of use directly impacts adoption rates.

4. No Additional Hardware Required#

• Unlike traditional FIDO security keys (e.g., YubiKeys), synced passkeys do not require the user to carry around dedicated authentication hardware.
• Passkeys are stored within built-in security modules on modern devices, such as:
  • Secure Enclave (Apple)
  • Trusted Execution Environment (TEE) (Android)
  • Trusted Platform Module (TPM) (Windows)

5. Strong Security with Cloud Convenience#

• While synced passkeys rely on cloud storage, they still offer high security due to end-to-end encryption.
• The private key never leaves the user’s device in an unencrypted format, ensuring that even cloud providers cannot access authentication credentials.

6. Compatibility Across Platforms#

• Synced passkeys work across multiple operating systems and devices, making authentication more universal and reducing reliance on passwords.

Are There Any Drawbacks?#

• Cloud dependency: Since passkeys are stored in the cloud, a compromised cloud account could pose a security risk if additional safeguards (e.g., multi-factor authentication) are not in place.
• Platform limitations: Not all ecosystems support full interoperability, meaning some platforms (e.g., Windows) may require third-party password managers to sync passkeys.

Conclusion#

Synced passkeys were introduced to address the usability gaps of traditional device-bound passkeys while maintaining strong security. By enabling multi-device authentication, cloud backups, and seamless user experience, they significantly reduce friction in passwordless authentication, making passkeys a viable replacement for passwords across a wide range of applications.

Read the full article#

About Corbado

Corbado is the Passkey Intelligence Platform for CIAM teams running consumer authentication at scale. We help you see what IDP logs and generic analytics tools can't: which devices, OS versions, browsers and credential managers support passkeys, why enrollments don't turn into logins, where the WebAuthn flow fails and when an OS / browser update silently breaks login, all without replacing Okta, Auth0, Ping, Cognito or your in-house IDP. Two products: Corbado Observe layers observability for passkeys and any other login method. Corbado Connect adds managed passkeys with analytics built in (alongside your IDP). VicRoads runs passkeys for 5M+ users with Corbado (+80% passkey activation). Talk to a Passkey Expert →