WebAuthn & Passkeys
WebAuthn provides the strongest form of authentication available on Boottify. It uses hardware security keys or device biometrics for phishing-resistant login.
What is WebAuthn?
WebAuthn (Web Authentication) is a W3C standard that allows websites to authenticate users with:
- Hardware Security Keys — USB devices like YubiKey or Titan Security Key.
- Platform Authenticators — Built-in biometrics like Touch ID, Face ID, or Windows Hello.
- Passkeys — Synced credentials stored in your password manager or iCloud Keychain.
Registering a Security Key or Passkey
- Navigate to Settings → Security.
- In the WebAuthn Credentials section, click Register New Credential.
- Give your credential a descriptive name (e.g., "YubiKey 5C" or "MacBook Touch ID").
- Your browser will prompt you to interact with your security key or use biometrics.
- Complete the registration by touching your key or scanning your fingerprint/face.
Signing In with WebAuthn
Once a credential is registered, you can use it during sign-in:
- On the sign-in page, click Sign in with Security Key.
- Your browser will prompt you to present your security key or use biometrics.
- After successful verification, you'll be signed in immediately — no password needed.
Managing Credentials
From the security settings page, you can:
- View all registered credentials with their names and registration dates.
- Remove a credential if it's lost or no longer needed.
- Register multiple credentials for backup access.
Best Practices
- Register at least two credentials — a primary key and a backup.
- Keep your backup security key in a secure, separate location.
- Use passkeys for convenience on personal devices and hardware keys for shared workstations.
- WebAuthn works alongside 2FA — both can be enabled simultaneously for maximum security.