A passkey is a password replacement stored right on your device — your phone, laptop or desktop computer. Instead of typing an e-mail and a password, you log in the same way you unlock your phone: with your fingerprint, your face or your device PIN. One click on "Use passkey" on the login page, a biometric confirmation — and you're in. No password, no waiting for a login link to arrive.
Passkeys are built on the open WebAuthn/FIDO2 standard that Apple, Google and Microsoft all agreed on — virtually every browser supports it today, and banks and major online services use it too.
First, generate a passkey in Settings
A passkey doesn't appear by itself — you need to create one once, and you need to do it on the device you want to log in from later:
- Log in using any method you already have — an e-mail link, Google, a password…
- Open Settings and click "Add passkey" in the Passkeys section.
- Your browser asks for a confirmation — fingerprint, face or PIN. That's it.
From that moment on, this device logs you in with a single click. A passkey only works where it is stored — if you use several devices (phone + computer), create a passkey on each of them. Settings lists them all in one place, including when each was last used.
Why it's safer than a password
- There's nothing to steal. The secret part of the key never leaves your device — the server only stores the public part, which is useless to an attacker. A leaked password database can't affect you, because there is no password.
- It can't be phished. A passkey is firmly bound to QR Payminder's address — it simply won't work on a fake (phishing) page, no matter how convincing it looks.
- It can't be watched or guessed. No "Password123", no sticky notes on the monitor.
Good to know
- Syncing between devices. If you use iCloud Keychain or Google Password Manager, your passkey can carry over to your other devices within the same ecosystem automatically. It doesn't cross ecosystems (iPhone ↔ Windows), though — just create a second passkey there, it takes a few seconds.
- Borrowed or shared device? Browsers usually also offer a "use a phone" option — you scan a QR code with the phone that holds your passkey and log in through it, without leaving anything behind on the other computer.
- A passkey is an addition, not a lock-in. All the other login methods (e-mail link, Google, password…) stay available. If you lose a device, log in another way and delete the orphaned passkey in Settings.
- A passkey won't create a new account yet. It logs you into an account that already exists — create a new account with one click via an e-mail link, then add a passkey right after.
Tip: the "Use passkey" button on the login page only shows up in browsers that support passkeys. If you don't see it, try updating your browser — support is standard in all major browsers today.