What Are Passkeys?
Passkeys represent the next generation of secure authentication, combining convenience with top-tier security. We now support passkeys as a two-factor authentication method, enabling password-free logins without relying on traditional authentication codes. This method allows you to access your account using:
- Biometric authentication (Face ID, Touch ID, Windows Hello)
- USB security keys (FIDO2-compliant devices)
Key Security Note: When enabling passkeys, your account must always retain at least one active passkey. You may reset existing passkeys or add new ones before removing any outdated credentials.
Prerequisites for Creating a Passkey
Before setting up your passkey, ensure you have:
1. Compatible Hardware
- Devices: Windows 10+, macOS Ventura+, or FIDO2-supported USB security keys
- Mobile Devices: iOS/iPadOS 16+ or Android 9+ (for cross-device authentication)
2. Supported Browsers
| Browser | Minimum Version |
|---|---|
| Google Chrome | 109+ |
| Apple Safari | 16+ |
| Microsoft Edge | 109+ |
๐ Discover more about FIDO2 security standards
Step-by-Step: Creating Your Passkey
Step 1: Access Security Settings
- Log in to your account at OKX.com
- Navigate to Profile > Security > Security Center
Step 2: Enable Passkeys
- Locate Passkeys in the Security Center
- Select Set Up followed by Enable Passkeys
- Complete required security verification (2FA/SMS code)
Step 3: Choose Creation Method
You'll have two options:
Option A: Create with This Device
- Select This Device
- Complete biometric authentication/PIN verification
Option B: Use External Authentication
- For USB Keys: Insert FIDO2-compliant key and follow prompts
- For Mobile Devices: Scan QR code with your smartphone's native camera
Verifying Your Passkey
On Current Device
- When prompted, authenticate using biometrics
- Optional: Select Cancel to use password instead
Cross-Device Verification
- Select Verify with Another Device
- Scan displayed QR code with your secondary device
Pro Tip: For optimal performance during verification, use Chrome or Safari. Other browsers may show minor UI differences.
Managing Your Passkeys
Renaming Passkeys
- Go to Passkeys > Manage
- Select Rename beside your target passkey
- Enter memorable identifier (e.g., "MacBook Touch ID")
Note: Name changes only affect OKX's interface. To modify device names system-wide, edit via Chrome's Manage Devices.
Resetting Passkeys
Required when:
- Your only passkey is compromised
- You need to rotate credentials
Process:
- Select Reset in Passkey Management
- Complete facial verification via mobile
- Register new passkey
๐ Troubleshoot passkey issues
Removing Passkeys
Available when multiple passkeys exist:
- Click Remove next to unwanted passkey
- Verify identity via alternate method
Security Alert: Removal may trigger 24-hour withdrawal/P2P restrictions if not verified by another passkey.
FAQ Section
Q: How many passkeys can I register?
A: Maximum 10 per account. Remove old ones before adding new credentials.
Q: Can I use passkeys on public computers?
A: Not recommended. Use USB security keys instead of biometrics on shared devices.
Q: What happens if I lose my security key?
A: Reset via alternate authentication methods (2FA/face verification).
Q: Why the 24-hour restriction after passkey changes?
A: Security measure to prevent unauthorized account access during credential transitions.
Best Practices for Passkey Security
- Diversify Authentication: Maintain at least two passkeys (e.g., phone + USB key)
- Regular Audits: Review registered devices quarterly
- Emergency Preparedness: Keep backup authentication methods active
- Physical Security: Store USB keys as you would house keys
Always prioritize account security over convenience when configuring authentication methods.