ELI5, Am I right to say that even if you store a passkey in iCloud and its data is breached, the passkeys are useless unless hackers can confirm a passkey with fingerprints or Face ID of the original owner


You probably all heard that hype about passkey technology and that the need to use passwords will be obsolete soon. So I’m trying to understand the technology under the hood.

In: 3

iCloud Keychain is end-to-end encrypted so even if the data were breached, it’s useless without an authenticated device to decrypt it. The optional [recovery process](https://support.apple.com/guide/security/secure-icloud-keychain-recovery-secdeb202947/1/web/1) for a new device requires a recovery passcode.

One point of clarification: your PIN or password is the primary security method on your device and Face/Touch ID are merely shortcuts for re-authentication after you’ve already provided the passcode, so at no point do you ever need the face or fingerprints of the owner for anything.