Passkeys are a significantly safer replacement for passwords and other phishable authentication factors. They cannot be reused, don't leak in server breaches, and protect users from phishing attacks. Passkeys are built on industry standards, can work across different operating systems and browser ecosystems, and can be used with both websites and apps.
You can use passkeys to sign into sites and apps that support them. Signing in with a passkey will require you to authenticate yourself in the same way that you unlock a device.
Chrome M108 enables passkeys on Windows 11, macOS, and Android. On Android your passkeys are securely synced through Google Password Manager. In future versions of Android, other password managers will also be able to sync passkeys.
Once a passkey has been saved on your device, it will show up in autofill when signing into a site.
On desktops, you can choose to use a passkey from a nearby iOS or Android device. The passkey won't leave your mobile, only a securely generated code is exchanged with the site.
You can manage your passkeys from within Chrome on macOS and Windows. Google says it's been working with Apple, Microsoft, and other members of the FIDO Alliance to develop secure authentication standards and it's working to enable passkeys in iOS and ChromeOS.