Skip to main content
Log in

What is a Passkey?

  • Updated

Earlier this year we announced Swan Guard, our suite of security enhancements and elevated service features designed to provide industry-leading protection for our clients and their Bitcoin assets while they are in our care or utilizing our supported custody solutions.

Passkeys are part of the Swan Guard suite and are available to all Swan clients. 

What are passkeys?

Passkeys are a more secure alternative to traditional authentication methods. They use cryptographic technology to create a unique digital key for logging into your Swan Bitcoin account. Unlike email based codes and TOTP codes, passkeys can't be phished, leaked in a data breach, or reused across services.

Why should I use passkeys?

  • More secure: Passkeys are phishing-resistant
  • Faster login: No need to wait for an email or switch apps for one-time codes
  • Easier to use: Verify with your device's biometrics (face or fingerprint) or device PIN

How are passkeys different from other login methods?

Before passkeys, Swan Bitcoin has been using email one-time passwords (OTP) with time-based one-time passwords (TOTP) for authentication. While these methods provide security, passkeys offer enhanced protection against phishing attempts while providing a faster, more convenient login experience.

How do I add a passkey to my Swan Bitcoin account?

To add a passkey:

  1. Log in to your Swan Bitcoin App account using your current authentication method
  2. Go to Your Settings
  3. Select “Add Passkey”
  4. You'll receive an SMS verification code to confirm your identity
  5. Enter the code and follow the on-screen instructions to create your passkey

How do I use a passkey to log in?

When logging in to Swan Bitcoin:

  1. Enter your email address
  2. Click "Continue with Passkey"
  3. Your device will prompt you to use your passkey
  4. Verify with your face, fingerprint, or device PIN
  5. You're instantly logged in!

How do I remove a passkey?

To remove a passkey:

  1. Log in to your Swan Bitcoin account
  2. Go to Your Settings
  3. Find your passkey in the list and select "Remove"
  4. You'll receive an SMS verification code to confirm your identity
  5. Enter the code to complete the removal process
  6. Keep in mind you must also remove the passkey from your password manager or you may end up presenting a removed passkey for login and get an error message.

Can I have multiple passkeys?

Yes! We support having multiple passkeys and it is recommended to register passkeys on multiple devices as a back-up. You can also use the same passkey across multiple devices supported by your password manager.

What happens if I lose my device with a passkey?

If you lose a device with a passkey, you can still log in using:

  • A passkey on another device
  • Our existing email OTP or TOTP authentication methods

For security, we recommend removing passkeys from lost devices by logging in on another device and following the passkey removal instructions.

What browsers and devices support passkeys?

Web Browsers

  • Google Chrome (version 108+)
  • Safari (version 16+)
  • Microsoft Edge (version 108+)
  • Firefox (version 111+)

Mobile Operating Systems

  • iOS/iPadOS 16 or later
  • Android 9.0 or later (with Google Play Services)

Desktop Operating Systems

  • macOS Ventura (13) or later
  • Windows 10 (with latest updates) or Windows 11
  • Linux (with compatible browser)

Password Managers

  • Apple iCloud Keychain
  • Google Password Manager
  • 1Password
  • Lastpass
  • Bitwarden
  • Dashlane
  • Yubikey

Are passkeys shared across my devices?

Passkeys can sync between devices if you use a supporting password manager or operating system keychain:

  • Apple devices sync passkeys via iCloud Keychain
  • Android devices sync via Google Password Manager
  • Password managers like 1Password and LastPass sync across their supported platforms

Why do I need to verify with SMS when adding or removing passkeys?

We require SMS verification when adding or removing passkeys as an additional security measure. This helps prevent unauthorized changes to your authentication methods even if someone temporarily gains access to your account.

Will passkeys replace the current login methods?

For the foreseeable future, we'll continue to support our email OTP and TOTP authentication methods alongside passkeys. However, we strongly encourage users to adopt passkeys for the enhanced security and convenience they provide.

I'm having trouble with my passkey. What should I do?

If you're experiencing issues with your passkey:

  1. Ensure your device and browser are updated to the latest version
  2. Try using another supported browser or device
  3. Use our alternative authentication methods (email OTP or TOTP) to log in
  4. Make sure you removed deleted passkeys from your password manager and aren’t presenting a deleted one to attempt to log in.
  5. Contact our support team at [support link] for assistance

Are passkeys really more secure?

Yes! Passkeys use strong cryptographic techniques that make them significantly more secure than passwords. They:

  • Cannot be phished - the cryptographic challenge is bound to the legitimate website
  • Cannot be leaked in data breaches - the private key never leaves your device
  • Resist credential stuffing attacks - each passkey is unique to the service it's created for
  • Eliminate password reuse - you don't create or manage the passkey manually

Further Questions

If you have any other questions about passkeys, please contact our support team at Swan.com/support. We're here to help!

Related articles