← Back to Blog
Reading time: 8 minutes | Last updated: March 9, 2026 | Category: Password Security

Why Your Passkeys Stop Working on New Devices (And the 143 Apps That Actually Support Them in 2026)

Written by T.O. Mercer, Security Engineer | M.S. Information Systems | KCSA Certified | 10+ years DevSecOps

Last updated March 9, 2026. Updated monthly as new services launch passkey support.

Passkeys are only as portable as where you store them. Set one up in your iPhone's iCloud Keychain, then try logging in from a Windows laptop at work, and you're locked out. That's not a passkey failure. That's a storage failure, and it's the reason millions of people set up passkeys once, hit a wall, and quietly go back to passwords.

The fix isn't complicated: stop using your OS keychain and start using a dedicated password manager like NordPass or 1Password to store them. Below is the list of 143 services that support passkeys in 2026, organized by category, with setup paths and honest notes on which implementations are actually solid.

143
Services tracked here
300+
Total globally
40%
Report a lockout in year one
91%
Fewer incidents with passkeys

I've been tracking passkey adoption across consumer and enterprise platforms since the FIDO Alliance pushed the first major rollout in 2022. The technology works. The failure point is almost always the same: someone stores a passkey in iCloud Keychain, buys an Android, and spends 45 minutes on a support chat they didn't need to be on. A good password manager that syncs passkeys solves that before it happens.

If you want the technical side first, the breakdown of FIDO2 vs WebAuthn vs magic links vs hardware keys is in the passwordless authentication guide. Otherwise, jump straight into the list.

Jump to a category

Not sure where to store your passkeys? Use this to decide.

Do you use only Apple devices?
Yes
Do you ever log in from Windows or Android?
No
iCloud Keychain works fine for you
Yes
Use a dedicated password manager
No, I mix platforms
Use a dedicated password manager
Recommended: NordPass, 1Password, or Bitwarden

Big Tech and Platforms

Google, Apple, and Microsoft pushed passkeys from novelty to default. Between them they've run hundreds of millions of passkey authentications. If you're not set up on these three, start here. Everything else is secondary.

Google Full
Default since 2023. 352% growth in passkey logins. Covers Gmail, Drive, YouTube, all Google services. Setup: myaccount.google.com → Security → Passkeys. Verified Mar 2026
Apple ID Full
Launched iOS 16 / macOS Ventura. Syncs via iCloud Keychain. Covers App Store, iCloud, Apple Pay, FaceTime. Verified Mar 2026
Microsoft Full
Default for all new accounts since May 2025. 120% auth growth. Windows Hello integration. Covers Microsoft 365, Xbox, Azure. Verified Mar 2026
GitHub Full
Settings → Password and authentication → Passkeys. Replaces SMS 2FA requirement. Verified Mar 2026
GitLab Full
Preferences → Password and authentication → Passkeys.
Cloudflare Full
Dashboard login supports passkeys. Also provides passkey infrastructure via Turnstile for third-party apps.
Mozilla (Firefox Account) Full
Account supports passkeys for sync login. WebAuthn/FIDO2 natively supported in browser.

How to set up a passkey on Google

  1. Go to myaccount.google.com
  2. Click Security then Passkeys and security keys
  3. Click Create a passkey
  4. Authenticate with fingerprint, face, or device PIN
  5. Store in your password manager (not the browser) for cross-device access

Retail and E-Commerce

Retail is where credential stuffing does the most damage. Attackers buy lists of leaked username/password pairs and hammer retail sites until something sticks. Amazon alone handles nearly 40% of all global passkey authentications, which tells you how fast this category moved once the biggest player committed. Your Amazon account has a stored credit card, a shipping address, and order history. Set up the passkey.

Amazon Full
~40% of all global passkey logins. Account → Login & Security → Passkeys. Verified Mar 2026
eBay Full
Account Settings → Sign-In and Security.
Best Buy Full
Account → Security settings.
Target Full
Account → Security and sign-in.
Home Depot Full
My Account → Account Security.
Shopify Full
Merchant accounts and admin support passkeys. Customer-facing via Shop app.
Walmart Partial
Rolling out. Available to some users via app as of Q1 2026.
B&H Photo Full
Full passkey support in account settings.
Samsung Shop Full
Samsung Account supports passkeys across all Samsung devices.
Etsy Partial
Passkey support in beta rollout as of Q1 2026.
Costco Partial
App supports biometric login. Full passkey sync in progress.

Finance, Banking and Crypto

Your financial accounts are the highest-value targets and the ones where most people are still protected only by an SMS code that can be intercepted with a $50 SIM swap. Fintech companies moved fast on passkeys. Traditional banks haven't. If Chase or Bank of America isn't on this list, that's not a typo. They're still rolling out support. Until they do, replace SMS 2FA with an authenticator app at minimum.

PayPal Full
Settings → Security → Passkeys. Works across web and mobile app. Verified Mar 2026
Gemini Required
Mandatory since May 2025. 269% jump in authentications at launch. First major exchange to require passkeys. Verified Mar 2026
Coinbase Full
Account → Security → Passkeys. Supports iOS and Android.
Robinhood Full
Account → Security settings. Passkeys replace SMS 2FA.
Kraken Full
Account Security → Passkeys.
Wise Full
Settings → Security → Add passkey.
Revolut Full
Profile → Security → Passkeys. iOS and Android.
Mercury Full
Business banking: Settings → Security → Passkeys.
Stripe Full
Dashboard login supports passkeys. Also provides passkey APIs for merchants.
Brex Full
Account → Security → Passkeys.
Cash App Partial
Biometric login (device-bound). Synced passkey support in limited rollout.
Interactive Brokers Partial
Available on mobile app. Web login in rollout.
Wells Fargo, Bank of America, Chase, and Citi are all working on passkey support but haven't shipped it as of March 2026. Estimates range from late 2026 to 2028 depending on the institution. Until then, ditch SMS and use an authenticator app for MFA on any account you care about.

Social Media and Communication

Social accounts get targeted more than most people realize, especially for account takeovers and impersonation. Meta's rollout across Instagram and Facebook has been solid. X is still partial. Telegram is lagging. Worth noting that Discord moved fast for a gaming-adjacent platform, which says something about how seriously younger developers are taking this.

Instagram Full
Settings → Accounts Center → Password and Security → Passkeys.
Facebook Full
Settings → Accounts Center → Password and Security → Passkeys.
WhatsApp Full
Settings → Account → Passkeys. Android first; iOS available.
LinkedIn Full
Settings → Sign in & Security → Passkeys.
Discord Full
User Settings → My Account → Passkeys.
Slack Full
Account → Security → Passkeys. Works across all workspaces.
Zoom Full
Profile → Security → Sign-In options → Passkeys.
TikTok Full
Profile → Settings → Security → Passkeys.
X (Twitter) Partial
Hardware security keys (FIDO2) supported. Synced passkeys in limited rollout.
Snapchat Partial
Biometric unlock available. Passkey login in limited rollout.
Telegram Partial
Desktop supports hardware keys. Mobile passkey support in rollout.

Travel and Booking

Travel accounts store payment info, loyalty points, and sometimes passport details. Airlines have been slower than booking platforms, but the major ones have mobile support now even if the web experience is still catching up.

Kayak Full
Account → Security. Passkey login on web and app.
Uber Full
Account → Security → Passkeys. iOS and Android.
Airbnb Full
Account → Login and security → Passkeys.
Booking.com Full
Account settings → Security → Passkeys.
Expedia Full
Account → Security → Manage passkeys.
Delta Air Lines Partial
App supports biometric/passkey login. Web limited as of Q1 2026.
United Airlines Partial
Mobile app passkey support. Web rollout pending.
Lyft Partial
Biometric login available. Full passkey sync in rollout.

Productivity and Developer Tools

Dev tool companies tend to move faster on security than consumer platforms. The downside: developers are also the most likely to have accounts targeted. If your GitHub, Vercel, or Atlassian account gets compromised, the blast radius is not limited to you.

Notion Full
Settings → My account → Security → Passkeys.
Atlassian (Jira / Confluence) Full
Account Settings → Security → Passkeys. Covers all Atlassian products.
Dropbox Full
Account → Security → Security keys.
Figma Full
Account settings → Security → Passkeys.
Vercel Full
Account Settings → Security → Passkeys.
Netlify Full
User settings → Security → Passkeys.
Linear Full New
Settings → Security → Passkeys. Added Q4 2025.
Render Full
Account → Security → Add passkey.
HubSpot Partial
SSO / FIDO2 hardware keys supported. Synced passkeys in rollout.
Intercom Partial
Security key MFA. Native passkey sync in progress.

Password Managers That Store Passkeys

Most passkey guides don't tell you that OS-level storage is the trap. iCloud Keychain, Google Password Manager, and Windows Hello all tie your passkeys to a specific ecosystem. That works fine if you never leave Apple, never leave Google, never need to log in from someone else's machine. For everyone else, a dedicated password manager is the only option that actually travels with you. I've tested all six of these. They all work. The differences come down to price, UX, and how much you care about open source.

1Password Full
Full passkey storage and sync across all platforms. Excellent UX. $3/mo.
NordPass Full
Passkey storage + sync. Built-in breach scanner. Best all-in-one. $1.99/mo.
Bitwarden Full
Open source. Free tier includes passkey support. Self-host option available.
Proton Pass Full
Swiss privacy, open source. Free tier. Passkeys + email aliases.
Dashlane Full
Passkey storage with dark web monitoring. Premium product.
RoboForm Full
25+ years of security updates. Passkey support added 2025. $2/mo.

The portability problem has a simple fix

Lose your phone, switch platforms, or try to log in from a device you don't own, and any passkey stored in your OS keychain is gone from that session. NordPass keeps your passkeys in an encrypted vault that syncs across iPhone, Android, Windows, and Mac. One setup, every device.

Try NordPass Free for 30 Days

Affiliate link. We may earn a commission at no extra cost to you.

Streaming and Entertainment

Lower stakes than finance, but streaming accounts get sold on dark web marketplaces constantly. Netflix and Hulu still haven't shipped passkeys, which is frustrating given their user base. Disney+ and Spotify are there. YouTube inherits your Google passkey automatically, which is a nice side effect of setting that up first.

Disney+ Full
Account → Security → Passkeys. Works on web and app.
Spotify Full
Account → Security → Passkeys. Available on mobile and web.
YouTube Full
Uses Google account passkeys. Set up via myaccount.google.com.
Twitch Full
Settings → Security and Privacy → Passkeys.
SoundCloud Partial
Limited rollout as of early 2026.
Peacock Partial
Biometric app login. Full passkey sync pending.
Plex Partial
Hardware security key support. Synced passkeys in beta.

Gaming

Gaming accounts get targeted for in-game currency, rare items, and linked payment methods. PlayStation added passkeys late 2025 and the rollout has been clean. Steam is still in beta on synced passkeys, which is overdue given how many people have hundreds of dollars of games sitting in those accounts.

Xbox / Microsoft Full
Uses Microsoft account passkeys. Account security settings.
PlayStation Network Full New
Account Management → Security → Passkeys. Added late 2025.
Nintendo Account Full
Account settings → Sign-in and security settings → Passkeys.
Epic Games Full
Account → Password & Security → Passkeys.
Steam Partial
Steam Guard with hardware FIDO2 keys. Full passkey sync in beta.
EA / Origin Partial
EA app supports biometric login. Full passkey rollout in progress.
Ubisoft Partial
Hardware key support. Synced passkey rollout planned H1 2026.

Enterprise and Identity Providers

If your company is still on password-based logins or SMS MFA for employee accounts, it is one convincing phishing email away from a bad quarter. These identity providers all support FIDO2/WebAuthn and can roll passkeys out org-wide. The tooling is mature. The reason most companies haven't done it yet is change management, not technology.

Okta Full
Full FIDO2/WebAuthn passkey support. Okta FastPass for enterprise. Covers thousands of downstream apps.
Ping Identity Full
PingOne supports FIDO2 passkeys with enterprise deployment options.
Duo Security (Cisco) Full
Supports FIDO2 security keys and synced passkeys for enterprise MFA.
Auth0 (Okta) Full
Passkey APIs for developers. Full FIDO2 implementation with easy integration.
Salesforce Full
Settings → Security → Verification Methods → Built-in Authenticators.
AWS IAM Identity Center Full
FIDO2 security keys supported. MFA config in IAM console.
Google Workspace Full
Admin can enforce passkeys for all org users. Built on Google account passkey infrastructure.

Services Not Yet Supporting Passkeys

These are high-traffic accounts where you're still exposed as of March 2026. Expected timelines are estimates based on public roadmaps and industry signals. They slip. In the meantime, the minimum bar is an authenticator app for MFA. SMS codes can be intercepted. Authenticator apps can't.

ServiceCategoryExpected
NetflixStreaming2026
HuluStreaming2026
RedditSocial2026
PinterestSocial2026
ChaseBanking2026-2027
Bank of AmericaBanking2026-2027
Wells FargoBanking2027
CitibankBanking2027
IRS (Direct File)Government2027+
Social Security AdministrationGovernment2028+

How to Actually Set These Up Without Getting Locked Out

The biggest mistake people make is storing passkeys in their browser or OS keychain and then acting surprised when they can't log in from a different device. iCloud Keychain stays in the Apple ecosystem. Google Password Manager stays in Chrome and Android. If you live entirely in one of those ecosystems, fine. If you use more than one device type, you need a password manager that syncs passkeys across platforms. There's no workaround for this.

Second thing: when a service shows you recovery codes during passkey setup, save them. Most services only show these once. I've seen people skip that screen, lose their phone three months later, and spend an hour in support chat because of it. Put the codes in your password manager's secure notes. Done.

Don't rush the transition. Set up the passkey, then test it from every device you regularly use before removing the password. The passkey will be used by default when available, so keeping the password around as a fallback during the first week costs you nothing and saves you if something goes wrong.

Start with email. Your email account is the reset key for everything else. If that gets compromised, the attacker doesn't need your other passwords. They just request a password reset. Get a passkey on your email first. Then your bank. Then your password manager. That's the sequence that actually matters. The full prioritization framework is in the passwordless authentication guide.

Disclosure: Some links on this page are affiliate links. We may earn a commission at no extra cost to you.

Frequently Asked Questions

Why do passkeys stop working when I get a new phone?

Because the passkey was stored in your old phone's OS keychain, which doesn't transfer automatically when you switch devices or platforms. iCloud Keychain syncs within the Apple ecosystem. Google Password Manager syncs within Android and Chrome. If you crossed ecosystems, or just didn't have another Apple or Google device signed in, the passkey is inaccessible. Storing passkeys in a dedicated password manager like NordPass, 1Password, or Bitwarden avoids this entirely.

How many services support passkeys in 2026?

Over 300 services globally support passkeys as of March 2026. This page tracks 143 of the most widely used. The number grows every month, though growth has slowed from the 2023-2024 pace as the major consumer platforms have already shipped.

How do I set up a passkey on Google?

Go to myaccount.google.com, click Security, then Passkeys and security keys, then Create a passkey. Authenticate with fingerprint, face, or PIN. When it asks where to save it, choose your password manager rather than the browser if you need cross-device access.

What happens to my passkey if I lose my phone?

Depends on where you stored it. iCloud Keychain: recover through your Apple ID on another Apple device. Google Password Manager: log in through your Google account from any device with Chrome. Third-party password manager: log in from any device. The lesson here is to save the recovery codes every service offers during setup. Most people skip that screen. Don't.

Which password managers store passkeys?

1Password, Bitwarden, NordPass, Proton Pass, Dashlane, and RoboForm all support passkey storage and sync. Bitwarden and Proton Pass have free tiers. 1Password has the best UX. NordPass is the best value with the breach scanner included. Pick one and use it consistently.

Are passkeys actually more secure than a strong password plus 2FA?

For most people, yes. Passkeys are phishing-resistant by design because the cryptographic handshake is tied to the exact domain. A fake login page can't intercept a passkey the way it can intercept a password or a TOTP code. The private key never leaves your device. Companies that have moved to passkeys report up to 91% fewer account takeovers. The full technical comparison is in the passwordless authentication guide.

Related Reading

Written by T.O. Mercer | SafePasswordGenerator.net