• Euphorazine@lemmy.world
    link
    fedilink
    arrow-up
    2
    ·
    20 days ago

    If you’re talking about what Google or Microsoft offer as a login tool, it’s basically a file hidden on your physical PC so when you attempt to login to a service that wants it, the service gets a password from you and the passkey from your actual device to authenticate you.

    For example, I have passkey enabled on my windows PC that my Google account has a passkey in. Anytime I access the built in password manager in chrome, Windows now gives me a pop up for a PIN number, and then windows will authenticate on my behalf with the hidden passkey.

    If I need to access my password manager from my phone or another computer, I have to use my Google password instead since my passkey isn’t on those physical devices.

    I believe Microsoft stores your passkey files on your motherboards TPM module, but I could be wrong.