For decades, authentication has relied on username-password pairs to verify identity. However, this system has inherent flaws — anyone with the credentials can authenticate from anywhere, making usernames and passwords a target for attackers. To strengthen security, multi-factor authentication (MFA) introduced additional verification, like time-sensitive codes or biometrics. While more secure than passwords alone, MFA also added complexity.
Passkeys aim to resolve this complexity by offering a more streamlined and secure authentication experience. Since smartphones are widely used and already support biometric authentication — such as fingerprints and facial recognition — they provide an ideal platform for passkeys. By leveraging these capabilities, passkeys allow users to authenticate themselves using their phones, effectively replacing the need for memorized passwords. With a simple confirmation on their smartphone, users can authenticate securely and efficiently.
The technology behind passkeys
At first glance, the concept of passkeys may appear almost magical. However, their foundation lies in a well-established technology: public key cryptography.
Introduced in the 1970s, this cryptographic method revolutionized secure communications by introducing a two-key system: data locked (encrypted) with a public key can only be unlocked (decrypted) with the matching private key. With these paired keys, data (such as messages) can be "locked" (encrypted) or signed to validate its creator.
When setting up a passkey, the public key is stored with the website or system, while the private key remains securely on the user’s device. If a passkey is stored on a smartphone, the phone uses the private key to sign a challenge from the website, and the website checks that signature against the stored public key to authenticate the user.
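The registration and sign-in steps described above, as an added example (not Devolutions code, and not the real WebAuthn message format): the website keeps only the public key, the device signs a fresh challenge, and a reused signature is rejected. The `Website` and `Device` classes, the `example.test` origin and the JSON payload are assumptions made for illustration.

```javascript
// Simplified passkey flow (added example; real WebAuthn uses a richer format).
const { generateKeyPairSync, randomBytes, sign, verify } = require('node:crypto');

// Hypothetical relying party (the website): it stores public keys only.
class Website {
  constructor(origin) {
    this.origin = origin;
    this.publicKeys = new Map(); // username -> public key
    this.pending = new Map();    // username -> outstanding challenge
  }
  register(username, publicKey) { this.publicKeys.set(username, publicKey); }
  newChallenge(username) {
    const challenge = randomBytes(32).toString('base64url');
    this.pending.set(username, challenge);
    return challenge;
  }
  // Accept only a valid signature over this origin and the pending challenge.
  login(username, signature) {
    const challenge = this.pending.get(username);
    const publicKey = this.publicKeys.get(username);
    this.pending.delete(username); // each challenge is single-use
    if (!challenge || !publicKey || !signature) return false;
    const signed = Buffer.from(JSON.stringify({ origin: this.origin, challenge }));
    return verify('sha256', signed, publicKey, signature);
  }
}

// Hypothetical authenticator (the user's device): the private key stays here.
class Device {
  constructor() { this.privateKeys = new Map(); } // origin -> private key
  createPasskey(origin) {
    const { publicKey, privateKey } = generateKeyPairSync('ec', { namedCurve: 'P-256' });
    this.privateKeys.set(origin, privateKey);
    return publicKey; // only the public half is shared
  }
  signIn(origin, challenge) {
    const privateKey = this.privateKeys.get(origin);
    if (!privateKey) return null; // no passkey exists for this origin
    return sign('sha256', Buffer.from(JSON.stringify({ origin, challenge })), privateKey);
  }
}

function demo() {
  const site = new Website('https://example.test'); // constructed origin
  const phone = new Device();
  site.register('alice', phone.createPasskey(site.origin));
  const sig = phone.signIn(site.origin, site.newChallenge('alice'));
  const firstLogin = site.login('alice', sig);
  site.newChallenge('alice');                     // site issues a fresh challenge
  return { firstLogin, replayedLogin: site.login('alice', sig) }; // old signature reused
}
```

Unlike a password, the captured signature is useless for a later sign-in because it only matches the challenge it was created for.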
Passkeys in practice
Most modern operating systems and browsers now support passkeys. Additionally, a community-maintained index of websites offering passkeys is continually updated, reflecting the growing adoption of this technology.
For the technically inclined, passkeys adhere to the WebAuthn web standard created by the World Wide Web Consortium (W3C) and supported by the FIDO Alliance. Passkeys themselves are a core authentication method of FIDO (Fast IDentity Online), which aims to promote passwordless authentication, and of which Devolutions is proud to be a member!
At Devolutions, we’ve embraced passkeys by integrating them into our products and services. The Devolutions Workspace browser extension allows users to store passkeys in the cloud-hosted Devolutions Hub or self-hosted Devolutions Server advanced data sources, as well as in Devolutions Hub Personal. Using a passkey stored with Devolutions Workspace is similar to using a passkey stored on a phone: when prompted, a user can authenticate with the passkey to sign in.
This functionality extends to Devolutions Accounts, enabling users to sign into the Devolutions Portal and the Devolutions Forum with a passkey. A passkey can be easily created from the Devolutions Portal in Sign-In & Security by selecting Add a security key. After following through with the prompt, a passkey will be generated and can be saved on a computer, mobile device, or in the Devolutions Workspace browser extension.
Devolutions is proud to be at the forefront of this exciting new standard and is committed to expanding passkey support over time.