It’s World Passkey Day, actually: trust, adoption grows for FIDO credential

World Password Day is no longer. The annual day to promote secure password practices has run its course, and the FIDO Alliance (whose stated mission, to be fair, is to bring the world beyond passwords) has rebranded World Password Day as World Passkey Day – an occasion to celebrate the encrypted FIDO credentials that combine data you possess (a digital key or credential) with a biometric trait (something you are, usually a face or fingerprint).

To date, passkeys have been lauded for their resistance to phishing and overall security.  But there have been questions about whether the public will embrace the tech as it works to define itself.

New research from Thales suggests that may be shifting. Major brands such as Google, Apple, Amazon, Sony and Nintendo have started supporting passkeys with their software and services. According to a release, Thales’ 2025 Digital Trust Index shows that 48 percent of consumers now say they trust a brand more when it supports passkeys, and 75 percent of people say having a passwordless login experience is important to them.

A big part of the shift is the depth of dislike for passwords and their clunkiness. Thales notes that password resets are one of the top reasons for consumers losing their patience online.

“Passwords have long been a weak link in digital security, forcing consumers and businesses into a frustrating cycle of password resets and potential breaches,” says Simon McNally, cybersecurity expert at Thales. “Passkeys provide a seamless and secure authentication experience, eliminating the risks and frustrations associated with traditional passwords. Passkeys are automatically generated and securely stored, removing the burden of creating and managing complex passwords. They also enhance privacy by allowing authentication without sharing sensitive data, reducing the risk of breaches.”

“We welcome the FIDO Alliance’s commitment to World Passkey Day and its push for a passwordless future.”

Thales is not alone in embracing the rebrand. Digital ID verification provider OneSpan says it has signed the FIDO Alliance’s Passkey Pledge to drive passkey adoption. In a release, CTO Ashish Jain says “World Passkey Day is a reminder that the future of authentication is here – and it’s passwordless.”

Nearly 90 percent of businesses have deployed passkeys (or will): HID

HID is also looking past passwords, and finding increased trust in passkeys. A survey by the firm found that 87 percent of businesses have successfully deployed or are deploying passkeys, up 14 percentage points since 2022. The numbers imply that, despite unique challenges that remain, passkeys are indeed ready for enterprise deployment.

Part of that is the availability of different types of passkeys. HID’s research shows most organizations deploying a mix of synced and device-bound passkeys, “which we expect to be the norm going forward to support different applications and use cases.” For device-bound passkeys, smart cards are the most common host.

Another element is the evolution of risk assessment and tailored security. Only 21 percent of organizations deploying enterprise passkeys are targeting all of their users; most have prioritized users with access to sensitive data and applications.

HID recommends this phased approach to passwordless authentication for most businesses. “Today’s organizations serve a variety of user groups, each with specific security needs and varying levels of technical proficiency. Prioritizing access to sensitive data simplifies change management and makes it easy to get started.”

Passkey adopters are seeing significant return on investment, through a strong or moderate impact on authentication security, plus improvements in productivity and user experience. Passkeys “moved the needle on digital transformation goals at more than 8 in 10 organizations. More tangibly, operating costs also went down, with more than three quarters of respondents citing a reduction in help desk calls.”

There are still hurdles. Complexity, cost, use of shared workstations and a lack of clarity on implementation stand in the way of mass adoption, with 43 percent of respondents to HID saying passkeys are too complex.

Ironically, the reasons they are dissatisfied with existing security tools are the same problems that passkeys are designed to address: “ease of use, resistance to compromise and consistency across applications.”

“In our view, this suggests that more education is needed to help executives see that passkeys don’t have to be difficult, and they certainly don’t have to be implemented everywhere all at once. Instead, organizations should work with vendors to tailor a framework that optimizes the user experience and aligns with their existing technology environment, business needs and compliance mandates.”

Passkeys as inevitable as gills on a fish, even for password purists

There is more evidence that passkeys are gaining momentum beyond the bubble of biometrics. A piece in Security Brief Australia (which insists on continuing to observe World Password Day) quotes Randolph Barr, Chief Information Security Officer at Cequence Security.

Barr is a password believer, who says “passwords are the most important line of defense for organizational and personal information.” But he concedes that, “while password hygiene and multi-factor authentication remain essential today, the cybersecurity community is clearly moving toward a passwordless future. Even the strongest passwords can be phished or exposed, which is why many Fortune 100 technology companies have transitioned large portions of their workforce to passwordless authentication using mobile authenticators, device-based login, and biometric verification.”

“Additionally,” he says, “global financial institutions are enabling passkey support and app-based logins, while Fortune 500 retail and consumer platforms are deploying passwordless login options to reduce fraud and improve user experience.”

A separate SBA post quotes Nicolas Fort, director of product management at One Identity, who says the evolution of the password as we know it is underway. “Passwords have come a long way, from punch-tape reels in 1961 to the world of multi-factor authentication and fingerprint identification we inhabit today,” he says. “The next leap is already happening – passkeys tied to devices, one-time AI-generated tokens, and even blockchain-backed session receipts.”

authID partners with TechDemocracy on passwordless push

Doing its part to shovel dirt on the casket of the ignobly stubborn password is authID. A release from the identity proofing and biometric authentication provider announces a  partnership with TechDemocracy, a cybersecurity services and Identity and Access Management (IAM) firm based in Mississauga, Ontario, to “expand the industry’s familiarity with authID’s platform and further the transition to frictionless, passwordless sign-ins.”

“Passwordless authentication is more than a trend – it’s a transformational shift,” says Viresh Garg, SVP of cybersecurity and emerging technologies at TechDemocracy. “By partnering with authID, we’re helping enterprises embrace secure, frictionless access experiences through identity proofing, all while bringing the speed, structure, and advisory depth customers expect from us.”

Rhon Daguro, CEO of authID, says TechDemocracy’s “deep IAM expertise and unique focus on usability, security and cost optimization will empower more organizations to fully unlock the value of authID’s passwordless identity.”

The partnership will also see TechDemocracy develop a library of QuickStart accelerators to embed authID’s biometric verification and authentication capabilities into digital identity journeys built on Ping Identity and Microsoft Entra, as well as a collaboration on a series of white papers, webinars and roadshows to help organizations put passwords to pasture.

Article Topics

authID  |  biometric authentication  |  biometrics  |  consumer adoption  |  enterprise  |  FIDO Alliance  |  HID  |  passkeys  |  passwordless authentication  |  passwords  |  Thales Digital Identity and Security