MyRapidi
MyRapidi

Search our Wiki

Passkeys

Passkeys - also called Security Keys - (using the WebAuthn and FIDO2 standards) provide a very secure way to authenticate yourself with MyRapidi as a physical device like a Yubikey or fingerprint scanner is used during the authentication.

This avoids practically all possibilities of account takeover and is more secure than using passwords in combination with 2FA.

The standards used for these security keys (called WebAuthn and FIDO2) are relatively new but are supported by industry leaders like Google and Microsoft and built into recent browser versions of Google Chrome, Microsoft Edge, Firefox (Windows 10+) and Safari among others.

Many industry leaders already support the use of PassKeys for their different online services. For example, you find PassKeys support in Google Gmail, Microsoft Azure Active Directory, and Salesforce.com among others.

A security key or device can be set up in two different ways with MyRapidi - either as Passwordless (no password is needed at login) or as a Second Factor (like the Google 2FA but more secure as it is a hardware key).

Passwordless authentication combines the use of a physical device (which has some unique key and the ability to securely authenticate with a service) and then some personal knowledge like a PIN code or a personal feature like a fingerprint.

So as passwords can be stolen or guessed (and used remotely), it is much harder for someone to get hold of both the piece of hardware and the personal knowledge or feature (PIN code or fingerprint).

Even strong passwords used in combination with 2FA codes (like what we support with the Google Authenticator app) are less secure than using passwordless login. Hackers could steal your mobile phone number remotely and get access to your email account and then reset your password and get into your account. With passwordless login enabled (and PassKeys enforced), they will always need the physical hardware key also.

Enable passkeys on Myrapidi

So how do you enable Passkeys for your login?

You need the following items to use PassKeys with MyRapidi:

  1. A browser that supports FIDO2. In general, the latest versions of Google Chrome, Safari, Firefox, or Microsoft Edge, see here for more details.
  2. A hardware-bound passkey (like YubiKey) or biometrical device like a built-in fingerprint reader in your laptop or mobile device or you can set up your mobile device to use Passkeys to log in to MyRapidi and allow it to be stored in e.g. iCloud or Google Cloud, then use this mobile device for the login on your computer. This last method is more convenient but less secure as the hardware key (Yubikey) or fingerpring scanner.

To set up a PassKey with MyRapidi:

  1. Go to Personal Settings > PassKeys
  2. MyRapidi will check if your browser is supported (If it is not supported, you will get a message about this).
  3. Then enter a Name for your passkey (for example: "Michael's Yubikey")
  4. Check the box "Passwordless"
  5. Click the button "Add PassKey"
  6. Follow the steps provided in the popup browser window
  7. If the key is successfully added, you will see it in the list of active Passkeys

We recommend that you add at least two different Passkeys so that you have a Passkey that you normally use and a backup Passkey.

If you do not check the box "Passwordless" the key will instead be used as a secure Second Factor device. In this case, you still have to enter your password, and you then have a more secure second-factor authentication that MyRapidi will ask for after the password is entered.

After you have registered your passkey it will appear in your list of passkeys.

  • Origin: the URL where it is registered
  • Name: the name you gave the passkey
  • Type: either it will be passwordless or second factor
  • Authentication type: a) platform: a synced passkey or b) cross-platform: a hardware-bound passkey

Finally, in the action column you can edit the name of your passkey or delete it.

Enforce the use of Passkeys

If you are the account administrator for your company's MyRapidi account, you can enforce the use of Passkeys for one or more users in your MyRapidi account. You do that from the Manage Users page. We recommend that you enforce the use of Passkeys for both all account administrators and all users that have the rights to edit the configuration (Transfers, Connections, etc.).