Passkeys for your EE ID

JordanTA
EE Knowledge Specialist
‎06-02-2025 04:43 PM

This month we’re helping you get super secure with the launch of passkey. Set up passkey from the EE app (or the Profile section on ee.co.uk) and you’ll be able to use it to log in, instead of remembering those complex passwords. Use your fingerprint, PIN or face recognition and you’re in! Just make sure you’re on the latest version of the EE app.

They're secure and much less vulnerable to cyber-attacks, scams, and data breaches than passwords. They can be easier to use because you won't need to remember a password.

EE won't store your fingerprint, PIN or face data. It's always kept safely on your device.

Check out our help page for information

 

Learn about:
19 Comments
XRaySpeX
EE Community Star
EE Community Star
‎08-02-2025 02:40 PM
‎08-02-2025 02:40 PM

Shouldn't the title be "Passkeys for your EE ID on the app"? You wouldn't be able to do this online from a PC thro' a browser.

0 Helpful
JordanTA
EE Knowledge Specialist
‎10-02-2025 09:33 AM
‎10-02-2025 09:33 AM

No @XRaySpeX , you can do it on a browser through Profile > Login information > Security - manage.

JordanTA_0-1739179959213.png

Cheers

0 Helpful
XRaySpeX
EE Community Star
EE Community Star
‎10-02-2025 02:06 PM
‎10-02-2025 02:06 PM

I was referring to trying to do a fingerprint or maybe face recognition on a PC. That just leaves a PIN.

0 Helpful
JordanTA
EE Knowledge Specialist
‎10-02-2025 02:28 PM
‎10-02-2025 02:28 PM

@XRaySpeX you can get laptops/pcs with biometrics, apparently it works as expected (it was the first thing I questioned when putting the article together). 

XRaySpeX
EE Community Star
EE Community Star
‎10-02-2025 02:42 PM
‎10-02-2025 02:42 PM

Yes, but not many have them.

0 Helpful
michael23578925
Established Contributor
Established Contributor
‎16-02-2025 01:35 AM
‎16-02-2025 01:35 AM

I'm thrilled to see EE implement passkeys. Unfortunately the implementation is incorrect, at least on android. The passkey can only be stored on the device in an unknown location, I suspect play services. It can't be stored in any password manager, not even Google password manager. This is not great. So I can't use 1Password and I can't use my yubikey to store the passkey. I've not had the chance to test other platforms yet

Also you can't make the passkeys on the EE website, which is critical to passkey management 

Are there any plans to improve this?

For a textbook implementation of passkeys, see GitHub. Their implementation is how it should be done

Shadow_Tail
Established Contributor
Established Contributor
‎21-02-2025 01:33 PM
‎21-02-2025 01:33 PM

I used it then removed it. I can't create a passkey on a my web browser, so created it on mobile app only to end up using Google Play services and can't use my own Password Manager app. This is almost as bad as EE needing a phone number for two factor authentication, if you don't you're forced to or you can't login and not giving you another option to use your own Authentication app. 

Hopefully EE catches up to allow users to have more options.

chistery
EE Community Star
EE Community Star
‎28-02-2025 09:30 AM
‎28-02-2025 09:30 AM

Working fine here with my Password manager on Android (Bitwarden).

michael23578925
Established Contributor
Established Contributor
‎03-03-2025 05:55 PM
‎03-03-2025 05:55 PM

Oh wow, PayPal have just sent out the following email.  They have finally understood how Passkeys are meant to work and are following suit.  Please EE can you take a leaf out of their book!  Also see github for ideal implementation!  Let's get rid of insecure SMS  forever, and passwords too!  

Also please make your service 1password compatible both on Windows and Android!

 

---

 

Enhanced Security with PayPal Passkey update

To enhance security, we're enabling your PayPal passkey as a two-factor authentication (2FA) method.

To strengthen your account security, the passkey you use to access your PayPal account will soon be used for two-factor authentication (2FA). This will make signing in faster by reducing authentication steps. Your current passkey remains valid, and no action is required from you. Previously your passkey was used as one of the two authentication methods with PayPal. Soon, it will verify your login in a single step, making it even easier and faster to pay with PayPal.

2FA is designed to make sure you’re the only one who can access your account. It works by asking for additional info, such as a one-time code, on top of your password. Passkeys support this by saving a unique code on your device that proves it's really you, and combining it with a second action like using your face or fingerprint to log-in.

There is no action for you to take. Your current passkey will remain valid and will be used as part of the 2FA process. You can remove your passkey anytime in your PayPal account settings. If you have any questions, please review our FAQ page here  or contact our customer support team . More information about 2FA and regulatory requirements can be found here .

TheSonyFony
New Member
‎14-03-2025 08:12 AM
‎14-03-2025 08:12 AM

I can confirm the implementation of past keys is broken on Android devices I was however able to use a third party password manager plug-in on the Firefox web browser on my desktop to create a passkey then found I could not use it, also as Passkeys have two parts there is no reason to delete a passkey unless it was used to gain unauthorised access, which is much less likely than a password compromise, one final note SMS verification is the lowest of two step verification methods most systems have now moved to authenticators or push notifications using an app

TheSonyFony
New Member
‎14-03-2025 08:14 AM
‎14-03-2025 08:14 AM

Sorry for the auto correction 😅 I ment Passkeys not "past keys"

0 Helpful
Rky
Prodigious Contributor
Prodigious Contributor
‎15-03-2025 10:56 AM
‎15-03-2025 10:56 AM

I activated this today; email came to confirm this too but when I’m trying login it doesn’t work as passkey, it asks for username then password then on next page it asks for OTP which comes as sms to my number, I enter and then login; but this is not passkey; looks like your developer has not configured it properly, with passkey, I can login with faceID, PIN etc and I don’t have to rely on entering password 

 

A passkey is a digital credential, a secure alternative to passwords, that allows users to authenticate to websites and apps using their device's built-in security features like biometrics (fingerprint, face scan) or a PIN, without needing to enter a password. 
0 Helpful
chistery
EE Community Star
EE Community Star
‎15-03-2025 02:06 PM
‎15-03-2025 02:06 PM

@Rky On what type of device? Seems to work ok on my PC, Android and iPhone

0 Helpful
TheSonyFony
New Member
‎15-03-2025 03:11 PM
‎15-03-2025 03:11 PM

Good point @chistery 

Tested on

Samsung Galaxy S21 Ultra, One UI 6.1, Android 14

Chrome and Firefox (Firefox - Bitwarden extension)

Ubuntu 22.04 Firefox with Bitwarden extension

Passkey did not save properly using the Google Android password manager so tested it with the Bitward Android app, and it seems to have worked. 

So a solution could be to use Bitwarden apps and browser extensions for now, hope this helps.

0 Helpful
Rky
Prodigious Contributor
Prodigious Contributor
‎15-03-2025 03:22 PM
‎15-03-2025 03:22 PM

I can confirm now that this is working fine

0 Helpful
TheSonyFony
New Member
‎25-03-2025 02:52 AM
‎25-03-2025 02:52 AM

OK so I just checked again, passkeys are still broken on android with Google Password Manager, strange thing is I noticed on the passkey page is that it said I'm on "Android 10 (K)", but that is wrong my device is running One UI 6.1 (Android 14)

1000027726.png

0 Helpful
CptRik
New Member
‎21-04-2025 04:09 PM
‎21-04-2025 04:09 PM

Can confirm the experience of others. 

Currently, if you add the passkey from an Android smartphone, it is bound to that device only and is not stored in the Google Password Manager. It also gets stored using a description that doesn't reflect the device - in my case, a Google Pixel 7a, it shows "Android 10 k" rather than Android 15.

However, if you add the passkey using Chrome on a desktop, it is stored in Google Password Manager and can also be used on your phone.

As Google Password Manager is an important way of preserving credentials in the case of device loss as well also facilitating login across owned devices, it would be good if the Android phone passkey implementation could be fixed by EE to work in the same way as the desktop one.

This will also no doubt reduce the number of EE helpdesk tickets for lost passkeys!

0 Helpful
chistery
EE Community Star
EE Community Star
‎21-04-2025 05:58 PM
‎21-04-2025 05:58 PM

@CptRik As far as I can tell, that's the way Google have it set up. Passkeys created on an Android will not be synced to windows devices.

Use passkeys on another device 

Screenshot 2025-04-21 174924.jpg

This is how it is working for me. I created a passkey on my Android device and saved it to Google Password manager. If I sign in from windows, I can scan a QR code on my mobile, and now I have trusted it, I enter my device PIN and it logs me in. Seems far easier to use Bitwarden and sync it on all devices though. Other password vaults probably do something similar.

0 Helpful
CptRik
New Member
‎22-04-2025 10:31 AM
‎22-04-2025 10:31 AM

Hi @chistery and thanks for your comments!

I get exactly the same experience as you. If I generate a Passkey on my phone, I can log in onto the website using Chrome on a PC using a QR code. However, the Passkey is on the phone only and is definitely not stored in Google Password Manager. So this means each time I want to log in, I need my phone to share the passkey.

Phone generated Passkeys can definitely be be stored in Google Password Manager and then used on other devices (provided you are logged in to your Google account) without the phone that created it. Local authentication is then done by the device in question (e.g. Chrome + Windows Hello on a PC). I've done this in the Uber and Amazon apps on my phone for example.  But the EE app does not behave in this way and requires the phone to be bound with the device you are using for access.

However, if the Passkey is generated on Chrome on a PC, then the Passkey does get saved to Google Password Manager, which is ideal. It is then saved across devices and I do not need the phone to log in. It also means if ever lose my phone, I do not lose my Passkey, which is exactly what I am looking for.

Ultimately I've achieved what I wanted through a Chrome generated Passkey on a PC. However, I think it would be great if EE could update the app to work in exactly the same way. This would mean that Google Password Manager users would have synced Passkeys across their devices and would not have to worry about losing them.

Hope this helps!

0 Helpful
Popular Articles