Germany's government wants to replace passwords with passkeys

News
By published

Germany pushes to ditch passwords

Visual representation of a passkey on a computer chip
(Image credit: Shutterstock/ ArtemisDiana)
  • The German government wants to make passkeys its main authentication method
  • Claims passkeys are more secure, easy to use and resistant to phishing attempts
  • Passkey familiarity is still pretty low, Germany admitted (in 2024)

The German government has set out plans to replace passwords with passkeys as the main authentication method, with the latter being seen as more secure, phishing-resistant and user-friendly.

A BSI (Germany’s Federal Office for Information Security) announcement was complemented by draft guidelines (BSI TR-03188), detailing how passkeys compare a public key stored on the website with a private key stored on the user’s device.

Device-bound passkeys (stored locally and linked to a device) and synced passkeys (stored in encrypted cloud for multi-device access) were both noted as acceptable authentication methods.

Germany wants to standardize passkey use

Because passkeys are account-specific, they cannot be reused across multiple sites, instantly boosting security. Despite best practice guidance, it’s a fact that many of us still use the same passwords across multiple accounts for ease. But being stored on-device or in the cloud means users won’t need to remember passkeys for every account.

Passkeys are also resistant to man-in-the-middle attacks and phishing attempts, because they require a user’s own private key to be used from an approved device.

“We must make cybersecurity as simple as possible and at the same time robust. Passkeys are a perfect example of how to meet technical challenges with technical solutions. The future belongs to them,” BSI President Claudia Plattner said (translated).

Still, the BSI recognizes that there’s a long way to go. A 2024 report found that only 38% were familiar with passkeys, and adoption only stood at 18%. There’s also the fact that passkeys were slow to take off, with few websites offering the option to generate a passkey-based login during the early days.

Today, though, Germany’s government isn’t the only body recognizing the benefits.

In May 2025, Microsoft declared it would be making all new accounts passkey-accessible by default – eventually this is expected to extend to existing accounts too.

You might also like

Craig Hale
Craig Hale

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.