# Passkeys for improved UX and security

Passkeys are gaining popularity as a phishing-resistant passwordless approach to user authentication. * As a **FIDO credential**, a passkey is a key pair that uses standard public key cryptography to prove a user's identity without sharing any secrets. * A passkey is **bound to both a user account and a website or application**. This means that when a new passkey is created, it is automatically associated with the user ID and the Relying Party ID — typically its domain, in the case of a website. * Passkeys are **discoverable**. This means that they can be automatically detected and used by clients to perform user authentication. When the user initiates the authentication process, the authenticator doesn't need to know the user's ID. It uses the relying party ID to find the correct passkey to authenticate against that website. This frees the user from having to enter their user ID and ensures that a bad actor can't trick them into signing in to a fake website. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://fluf-id.gitbook.io/docs/solutions/2fa-onchain-auth/passkeys-for-improved-ux-and-security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.