Insights from FIDO Authenticate 2024 on passkey adoption, strategies, and future innovations

At Authenticate 2024, the industry’s only conference dedicated to all aspects of authentication, several sessions offered valuable insights into how organizations are navigating the challenges of password-related friction and complexity. A recurring theme was the frustration that both users and administrators face when dealing with complex and costly authentication systems with cumbersome onboarding processes. These issues are pushing companies to adopt more seamless and secure alternatives, with passkeys emerging as a promising solution.

The shift to passkeys is already in motion, with organizations prioritizing user experience to ensure a smooth transition. A major focus has been on eliminating the frustrations tied to traditional authentication systems. Companies highlighted how password-related service calls, such as those driven by complex single sign-on (SSO) or one-time passcode (OTP) implementations, can be time-consuming for both users and support teams.

Key success factors for passkey adoption include:

• Extensive UX research to identify pain points and design a seamless flow for users

• Internal beta testing and regional rollouts to minimize risks

• Targeted messaging and communication through email, social channels, and other direct lines to users, educating users on the benefits and guiding them through the transition

Some organizations shared impressive adoption metrics. For example, one major cloud services provider reported a doubling of passkey users—from 400 million to 800 million—in just a few months, primarily driven by mobile users. Key benefits included:

• A 30% increase in sign-ins due to reduced friction

• 20% faster logins, making the user experience more efficient

• 63% of users feeling safer with passkeys compared to traditional password methods

Opportunities include raising desktop adoption, particularly on Windows devices, and closing the   gap in cross-platform adoption. Addressing concerns around lost devices and re-authentication remains crucial for widespread acceptance.

The State of Michigan's deployment of passkeys serves as a strong example of how public sector organizations are leveraging this technology to improve user experience and reduce costs. Their results included:

• 70% reduction in abandonment rates during the sign-up process

• 34% faster registration, making it easier for users to get started

• Significant reduction in help desk requests, resulting in savings of over $1 million compared to SMS-based logins

The key to their success was a human-centered approach, ensuring that continuous user feedback shaped the rollout. Clear, effective communication about the benefits of passkeys also played a pivotal role.

For organizations with large, complex systems, the transition to passkeys is not without its challenges. Businesses are carefully enforcing passkeys in limited scope as they assess the technology's impact. Some best practices shared during the sessions emphasized the importance of:

• Continuous assessment of user experience to ensure frictionless 

• Automation and credential recovery to streamline processes and improve operational efficiency

• Staying attuned to FIDO developments to keep up with evolving standards

Many organizations, particularly in the financial sector, have chosen to build their own in-house passkey authentication systems. However, many others are leveraging solutions like Bitwarden Passwordless.dev to implement custom passkey authentication. This approach saves development time and allows teams to concentrate on core business features while ensuring robust, up-to-date security. The platform easily scales to meet user demand and enhances user experience by incorporating best practices for authentication flows. Additionally, it simplifies integration with existing systems and removes the burden of navigating extensive W3C specifications, selecting cryptographic methods, or managing public keys.

The future: Credential exchange protocol

There was also a lot of excitement about the future of passkey adoption, particularly with the introduction of the credential exchange protocol. This protocol promises to simplify credential management and improve passkey portability across credential managers, which could make passkeys even more attractive for both users and enterprises.

Improved support for passkeys by major platforms

Microsoft is set to enhance passkey support in Windows 11 with a redesigned Windows Hello experience that allows users to choose how to save their passkeys, including syncing them to their Microsoft account or using providers like Bitwarden. A new API for third-party password and passkey managers will enable developers to integrate directly into the Windows 11 experience, facilitating the use of the same passkey for authentication across mobile devices and PCs. While some current apps already support this via QR codes, Microsoft's full support will significantly improve the passkeys experience on Windows.

In conclusion, organizations that focus on user experience, effective communication, and strategic rollouts are seeing substantial benefits from passkey adoption. While challenges remain—especially in terms of cross-platform adoption and credential recovery—the future of secure, passwordless authentication looks promising, with innovations like the credential exchange protocol set to push the industry forward.

Ready to experience the benefits of a password manager with Bitwarden? Quickly set up a free Bitwarden account, or keep your team protected online by initiating a 7-day free trial of our business plans.