Latest
Ration Card in 2026: Apply, Track and Add a Family Member OnlineIndian Passport in 2026: Fees, Papers and the Real WaitRenew Your Driving Licence Online in 2026: The Full WalkthroughA 125-Million-Year-Old Shellfish Was Found With Its Babies InsideHow to Spot Satellites and the ISS Over India TonightWhy Your New AC Won't Drop Below 20°C in India AnymoreGold Rate Today, 24 June 2026: 24K Near ₹1.46 Lakh per 10gWhat's Actually Trending This Season: Bags, Shades and CharmsPerson of the Day: Sachin Bansal, From a ₹4 Lakh Bookstore to FintechNPS Vatsalya: Should You Open a Pension for Your Newborn?Ration Card in 2026: Apply, Track and Add a Family Member OnlineIndian Passport in 2026: Fees, Papers and the Real WaitRenew Your Driving Licence Online in 2026: The Full WalkthroughA 125-Million-Year-Old Shellfish Was Found With Its Babies InsideHow to Spot Satellites and the ISS Over India TonightWhy Your New AC Won't Drop Below 20°C in India AnymoreGold Rate Today, 24 June 2026: 24K Near ₹1.46 Lakh per 10gWhat's Actually Trending This Season: Bags, Shades and CharmsPerson of the Day: Sachin Bansal, From a ₹4 Lakh Bookstore to FintechNPS Vatsalya: Should You Open a Pension for Your Newborn?
GeneralNews
India & World | Wednesday, 24 June 2026 | IST
✦ Courage is just fear that kept walking. ✦
📊 Today’s Rates
🥇Gold 24K₹1,46,464 /10g🥇Gold 22K₹1,34,259 /10g🥈Silver₹2,45,000 /kg📈Sensex76,201▼-1.2%📊Nifty 5023,824▼-1.2%💵USD/INR₹94.7Bitcoin₹61,18,373▲+1.2%🛢️Brent Crude$77.2 /bbl▼-0.6%🥇Gold 24K₹1,46,464 /10g🥇Gold 22K₹1,34,259 /10g🥈Silver₹2,45,000 /kg📈Sensex76,201▼-1.2%📊Nifty 5023,824▼-1.2%💵USD/INR₹94.7Bitcoin₹61,18,373▲+1.2%🛢️Brent Crude$77.2 /bbl▼-0.6%
indicative · 2026-06-24
Passkeys in India: How to Finally Ditch Your Passwords

Photo: I'm Zion / Pexels

Passkeys in India: How to Finally Ditch Your Passwords

Technology By General News Desk · 7 June 2026, 10:13 am IST · ⏱ 5 min read

If you are tired of juggling a dozen passwords and squinting at SMS one-time passwords that arrive 40 seconds too late, 2026 is your year. Passkeys — a passwordless login method already built into your phone — are quietly going mainstream in India, and they fix the single weakest link in your digital life: the password itself. This guide explains exactly what a passkey is, how to set one up on the apps you use daily, and the one mistake that can lock you out.

The timing is not accidental. The Reserve Bank of India has been nudging banks away from relying on SMS OTP alone, with a framework for alternative authentication taking effect from 1 April 2026. Globally, Google, Apple, Microsoft, WhatsApp, Amazon and hundreds of other services already support passkeys. The plumbing is ready; most Indians just haven't flipped the switch.

Passkeys in India: How to Finally Ditch Your Passwords
Photo: Towfiqu barbhuiya / Pexels

What a passkey actually is

A passkey is not a fancier password. It is a pair of cryptographic keys created when you register with a website or app. Your device keeps a private key locked behind your fingerprint, face or screen PIN. The service stores only a matching public key, which is useless to a hacker on its own.

When you log in, your phone proves it holds the private key without ever sending it anywhere. You simply confirm with Face ID, a fingerprint, or your screen lock — the same gesture you already use to open your phone. There is nothing to type, nothing to remember, and crucially, nothing to steal.

This is built on an open standard called FIDO2/WebAuthn, backed by the FIDO Alliance. Because it is a shared standard and not one company's product, a passkey you make on an Android phone works in Chrome, and one made on an iPhone flows through Safari.

Passkeys in India: How to Finally Ditch Your Passwords
Photo: energepic.com / Pexels

Why passkeys beat passwords and OTPs

The ordinary password has two fatal flaws: people reuse it, and it can be tricked out of you. A passkey kills both problems at the source.

  • Phishing-proof: A passkey is tied to the exact website that created it. Paste it into a lookalike fraud page and it simply won't work, because there is no secret to hand over.
  • Breach-proof: When a company is hacked, attackers grab password databases. A stolen public key is worthless, so a leak no longer means your account is exposed.
  • No more OTP gambling: SMS OTPs can be intercepted, delayed, or socially engineered. India sees a steady drip of SIM-swap and OTP-sharing frauds; a passkey removes the OTP step entirely for supported logins.
  • Faster: A fingerprint tap beats typing a 16-character password and waiting for a text.

For a country where one careless OTP can drain a bank account, this is not a small upgrade. It changes the economics of online fraud.

How to set up a passkey in five minutes

The single best place to start is your Google account, because it secures your email — the master key that resets everything else.

  1. On your phone, open myaccount.google.com and go to Security.
  2. Tap Passkeys and security keys, then Create a passkey.
  3. Confirm with your fingerprint or face. Done — Google now offers a fingerprint login instead of a password.

Next, lock down WhatsApp, which rolled out passkeys for Android and iOS and lets you skip the SMS verification dance:

  1. Open WhatsApp Settings → Account → Passkeys.
  2. Tap Create a passkey and authenticate with your device unlock.

For iPhone users, passkeys are stored automatically in iCloud Keychain — when an app or website offers "Save a passkey," just accept and authenticate. The same applies to Microsoft, Amazon, GitHub, LinkedIn and a growing list inside their respective security settings.

Where your passkeys live and how they sync

A passkey is useless if it is trapped on one phone, so the big platforms sync it for you. On Android, passkeys are stored in Google Password Manager and follow you across devices signed into the same Google account. On Apple devices, iCloud Keychain does the same across iPhone, iPad and Mac.

This means buying a new phone does not mean starting over. Sign in to your Google or Apple account on the new device, and your passkeys are restored — encrypted end to end so even the platform can't read them.

If you live across both ecosystems — say an Android phone and a Windows laptop — you can still log in using a feature where your phone acts as the authenticator. The site shows a QR code, you scan it, confirm on your phone, and you're in. Third-party password managers like 1Password and Bitwarden also store passkeys if you'd rather not depend on Google or Apple.

The catch nobody warns you about

Passkeys shift the burden of security upward. Once your everyday logins ride on your Google or Apple account, that account becomes the crown jewel. If someone compromises it, they potentially inherit your passkeys; if you lose access to it with no backup, recovery can be painful.

So before you go all-in, do three things:

  • Turn on the strongest two-factor authentication available on your Google/Apple account, ideally a passkey or hardware key rather than SMS.
  • Set and verify your recovery email and phone number so you can never be permanently locked out.
  • Keep at least one backup login method (a strong password or a second registered device) on critical accounts until passkeys are universal.

This is the trade-off of any single-sign-on style convenience: fewer points of failure, but the remaining one matters more.

What comes next for India

Adoption is still early — estimates put real-world passkey usage on major platforms in the 15–20 percent range, far higher among tech-savvy users. Most Indian banks and services run a hybrid model: passkey or fingerprint as an option, password and OTP as a fallback. Expect that balance to tip over the next two years as the RBI's push away from SMS-OTP-only authentication forces the laggards to offer modern alternatives.

The likely path is gradual: payment apps and banking logins layering in device-based biometric authentication, government services tightening identity checks, and OTPs surviving mainly as a backup rather than the front door. The friction will fade the way it did with UPI — quietly, until one day typing a password feels as dated as writing a cheque.

You don't have to wait for that future. Create one passkey today on the account that matters most, and you will have already closed the door that most online fraud walks through.

Frequently Asked Questions

Is a passkey safer than a password plus OTP?

Yes. A passkey can't be phished, guessed, reused, or stolen in a data breach because the secret never leaves your device. SMS OTPs, by contrast, can be intercepted, SIM-swapped, or socially engineered out of you.

What happens to my passkeys if I lose my phone?

Passkeys saved in Google Password Manager or iCloud Keychain are encrypted and synced to your account, so they reappear when you sign in on a new device. That's why protecting your Google or Apple account with strong two-factor security is essential.

Do I have to stop using my password if I create a passkey?

Not yet. Most Indian services run a hybrid model — your old password still works as a fallback. For best security, switch to the passkey and remove or strengthen the password where the service allows it.

More in Tech

All Tech ›
Offline AI on Your Phone: Run a Chatbot With No DataArtificial Intelligence

Offline AI on Your Phone: Run a Chatbot With No Data

By General News Desk · 23 Jun
The Costliest Watches and Luxury Tech, Priced and RankedTechnology

The Costliest Watches and Luxury Tech, Priced and Ranked

By General News Desk · 23 Jun
Passkeys in India: How to Finally Ditch the PasswordTechnology

Passkeys in India: How to Finally Ditch the Password

By General News Desk · 22 Jun
The Most Expensive Phones and Gadgets You Can (and Can't) BuyTechnology

The Most Expensive Phones and Gadgets You Can (and Can't) Buy

By General News Desk · 22 Jun