Tender Surrender

When implementing passkeys yourself or investigating how passkeys work on other websites, setting up a debugger to capture requests and responses or parsing binaries to read the contents is not easy. You can easily achieve this using a Chrome Extension called WebAuthn DevTools.

At the FIDO Tokyo Seminar, I was told it's hard to track the high-level picture of how passkeys are evolving, and I thought it would be helpful to introduce key terminologies so you can get a grasp of the passkey world and look into more details when necessary. So here it is.

I have revamped this blog. The appearance is almost the same, but I have introduced an English version with multilingual support (i18n) and changed the infrastructure.

I have written a book called "All About Passkeys" (https://gihyo.jp/book/2025/978-4-297-14653-5). I would like to give you a brief introduction to the contents of this book, which will be released on January 28th.

Recently, I've seen a lot of people complaining about passkeys being difficult to use. I've also seen several posts from people who have trouble logging in to services they want to use because they can't find the passkeys they thought they had created.

So in this blog post, I would like to consider why this happens, how to avoid such situations, what measures users can take, and what service providers can do to reduce the number of users who feel this way.