[What's New] Passwordless, Secure Access - Zyxel Account Now Supports Passkeys

Zyxel_Bruce

A Passwordless Future

For decades, we’ve relied on passwords—a string of characters that’s either too simple to be secure or too complex to remember. It’s a game of endless resets, sticky notes, and the constant fear of a data breach.

But what if you could just… stop?

At Zyxel, we understand that strong security is the foundation of a connected world. The weakest link in that foundation has always been the password. That's why we’re proud to bring you Passkeys, a revolutionary step toward simplifying sign-ins and making the internet safer. This isn't just a new feature—it's the future of authentication, and we’re making it available NOW for your Zyxel Account.

What is a Passkey?

Passkeys are an easier, more secure alternative to passwords. They let you sign in to your Zyxel Account with just your fingerprint, face scan, or screen lock, providing a faster, easier, and more secure way to access Zyxel services.

This allows all users to securely log in to their Zyxel Account, regardless of whether they originally signed up via email, Google, Apple, or Microsoft Entra ID. In addition, Passkeys enable one-tap sign-in, bypassing the interfaces of other service providers.

If you enable cloud sync, your Passkeys will be securely backed up and synced across all your devices, meaning even if you switch or lose a device, you won't lose access to your account.

Why activate a passkey?

We believe that the best security is the kind you don't even have to think about. Passkeys deliver an experience that’s not just safer, but also faster and more convenient.

• Simplicity by Design
  Log in with a single tap, a face scan, or a fingerprint—the same way you unlock your phone. You don't need to be remembered or typed.
• Secure by Design
  Passkeys provide the strongest protection against threats like phishing. Because they’re stored on your local device, they cannot be guessed or reused, which keeps your information secure from attackers.
• Private by Design:
  Your passkey stays private on your personal device and is never shared with Zyxel or any other third-party partners.

Ready to take control of your digital security? Set up your Passkey today and experience the next generation of authentication.

Learn how to set up your Passkey now

Zyxel_USG_User

I just tried the 'passkeys'.

Passkeys are a terrible piece of @#@#°#°§ unstudied stuff, and their implementation is never straightforward or stable or nice. Each and every one makes whatever they think is proper implementation. And anyhow: one ends up again having to type a PIN before each and every connection, so… duh.

1. I used chrome browser, on a Win11 with local Hello PIN and TPM enabled, no clouds sync. All Windoze and apps are up to date.

2. Log in to Zyxel username+pwd+MFA

3. Create passkeys, all works fine. Tried it a few times, all good. If you want to use it from another browser, that specific 'passkeys' does not work nor it is asked for- Brave, Firefox, …

4. Now, back to Chrome.

Even if it only a reference, with all the security holes lately in Chrome, one does not want to have any entries in the browser cache. See for yourselves after you set up in:

chrome://settings/passkeys

As soon as that entry in Chrome gets deleted, the entire passkeys functionality is gone. And currently, cannot be fetched back because your Authn dialogue does not even suggest that as an alternative. After deletion of the passkeys entry in Chrome, only this is displayed as options:

Basically, that passkeys is rendered useless because from your side there is no query for such- if there is no according browser entry.

TPM has securely stored the passkeys locally, but the menu asks only for passkeys from an USB key or from a mobile device, because there is no reference in the current browser and it expects one…. it never goes back to ask/check if there is anything stored in the local WIndoze TPM.

I assume that in your setup, one needs to make a passkeys entry PER each browser used.

Better stay with username+password+MFA…. Other than you have a solution implemented for this flaw.

Meh.