X👾💡🎒

Passkeys

What is a passkey?

A passkey is a login method that replaces traditional passwords with device-based authentication such as fingerprint, face recognition, or a local device PIN. It’s built on the FIDO2/WebAuthn standard and helps reduce common risks like phishing and credential theft.

How do passkeys compare to passwords?

Passkeys work differently than traditional passwords:

  • They are unique to each account and bound to your device.

  • They use biometric or PIN verification on your device instead of something you type.

  • Because of this, they are less vulnerable to phishing and credential reuse.

How Do I Enable a Passkey on My Account?

  • Log into your exchange account, click the Settings button in the top right corner, and select Security, under the Passkey section, click Enable.

  • Enter the 6-digit code from your authenticator app linked to your account, and click Add Passkey.

  • Select your browser’s password manager, or set up your device fingerprint or a PIN to save your passkey for use on backpack.exchange.

  • Then follow the on-screen instructions based on your selected method.

Frequently Asked Questions About Passkeys

Which devices and browsers support passkeys?

Passkeys are supported on most modern devices and browsers, including iOS, Android, Windows, macOS, and browsers such as Chrome, Safari, and Edge. Support may vary depending on your device and operating system version.

Can I use passkeys across multiple devices?

Yes. You can register multiple devices as passkeys for your account, allowing you to log in securely from different devices.

What if I login from a new device?

If you are using a new device, you can log in with your backup method (e.g., password and 2FA) and then set up a new passkey on that device.

Do passkeys replace Two-Factor Authentication (2FA)?

Passkeys can serve as a strong alternative to passwords and may reduce the need for 2FA in some cases. However, on certain high-security actions (e.g., withdrawals), additional 2FA may still be required.

Where are my passkeys stored?

Passkeys are stored securely on your device and may be synced via trusted services such as iCloud Keychain (Apple) or Google Password Manager. They are never stored on the exchange’s servers.

What if my device is lost or stolen?

If your device is lost, you can still log in using your backup login method (password + 2FA) and remove the lost device’s passkey from your account settings. For maximum security, update your account credentials immediately.

Can someone steal my passkey?

Passkeys cannot be phished or copied like traditional passwords. Even if a someone has your account email, they cannot access your account without your registered device and biometric/PIN verification.

Can I turn off passleys after enabling them?

Yes. You can disable Passkey at any time in your account security settings and revert to using your password + 2FA login method.

Are passkeys required for withdrawals?

By default, Passkeys are used for login authentication. For withdrawals and other sensitive actions, additional verification (such as 2FA) may still be required for enhanced security.

PreviousReset 2FANextReset Password

Last updated