1 Message
Using Passkeys as Multi-factor Authentication
I am very confused about using Passkeys as multi-factor authentication (MFA).
My understanding is that Passkeys are not and should not be tied to a device. In the Apple ecosystem, you are meant to share them via iCloud, just the way you share passwords, and you use the same Passkey on all your devices. But when I set up a Passkey for MFA, it seems to be attached to the device (the device's name is included in the name of the Passkey), and when I go to manage MFA on that device, I cannot use the Passkey for that device as a second factor.
And, it seems, I cannot use the Passkey on the website at all.
It seems to me the SimpliSafe team has confused Passkeys with Biometric Authentication, because since they have been introduced, I cannot use Biometric Authentication on my iPhone app anymore. When my Passkey works (when I have only one Passkey and it was created on the iPhone), I cannot switch to or enable Biometric Authentication. According to this support article,
Once Biometric Authentication is configured, you’ll only need to enter your email address and use Biometric Authentication to log in on this device.
I cannot get that work at all. I have to log in with email, password, and SMS text or Passkey. And I can only use the Passkey created on that phone, which is tough, because none of the tools support multiple Passkeys for the same login.
I tried searching for Passkeys in the Help Center and the only thing that came up was that article about Biometric Authentication. I would expect there to be an article covering how to set up and use Passkeys, too.
So please help me. I want to be able to log into SimpliSafe from my iPhone, iPad, and Mac Book (using Safari), and share credentials via 1Password. I do not want to use SMS for Multi-Factor authentication, because it is not very secure and it has a rate limit of 1 per hour (after an initial 10). I would prefer to use a standard TOTP like with Google Authenticator, but I can use a Passkey if I can share it among all my devices. How do I make this happen?
emily_s
Community Admin
•
3.4K Messages
1 year ago
Hi @alarm_40,
When a passkey is added to an iOS device for multi-factor authentication, that passkey is saved to the keychain on your device and can be shared with other devices associated with the same Apple Cloud ID.
This issue you are experiencing logging in can be resolved by having a member of our Support team reset the account MFA and set it up again. I see that you've already reached out to our Support team - are you still experiencing this issue?
1
crt928
1 Message
11 months ago
The Web site is looking for a Passkey on a Win11 laptop device, there is no Passkey on my machine. This makes signing into my account a nightmare. Yes I have contacted Support about this but its back to looking for a Passkey again
0
NaranKPatel
3 Messages
5 months ago
I have similar weird problem logging in from windows 11 desktop, please fix this!
0
NaranKPatel
3 Messages
4 months ago
Is there any improvement in sharing passkeys for Windows 11? I use 1Password and can use it across all my devices; why can you not support these kinds of passkey secure storage of passwords and passkey storage tools?
0
china
1 Message
2 months ago
I'm also encountering this issue.
0
customerhughessimplisafe
21 Messages
3 days ago
I run comprehensive security audits every six months for over six dozen accounts involving four devices. Between mid-November 2024 and January 11, 2025, SimpliSafe login authentication broke for two processes: 1) specifying OTP via voice only in my profile (SS code ignores this and always reverts to SMS which has been deprecated as a security risk for years) and 2) iPhone biometric authentication. After spending hours with a patient and dedicated L2 tech support person, it became necessary to formally open an L1 ticket with the "iLab" team. Today is February 19, 2025 and, despite my following up three times, all I hear are crickets. I was supposed to get a call back. I've written systems like this, myself, so I believe I know what the problems are but it seems that SimpliSafe will not address them. I have put my plans to buy a second system on hold because of this, and SimpliSafe now, unfortunately, is in my red-zone "risk" account set. I agree with @alarm_40 who suggested that "SimpliSafe team has confused Passkeys with Biometric Authentication" and with @crt928 who complains, as do I, that "signing into my account [is now] a nightmare". I might add that it is a security risk which, clearly, is NOT a good thing for my home security system to be.
(edited)
1
0