Passkeys are a quicker, easier, and more secure way of logging into your account. They are designed to replace your password, and use your device's built-in security features (such as your fingerprint, face scan, or device PIN) to let you quickly and easily access your account.

Below are some frequently asked questions (and answers!) about passkeys:

Follow the steps here for setting up passkeys for your account.

We have some detailed troubleshooting steps outlined here, but you can also send our support team a message if you're having trouble!

Passkeys are one of the best steps you can take to protect your Cliniko account and the sensitive patient data within it. Traditional passwords have weaknesses: they can be stolen, guessed, or hacked. Passkeys are immune to all these threats, as they prevent anyone besides you from gaining access to your account through your device and greatly reduce the risk of a security breach. Because passkeys use your device's built-in security features (such as your fingerprint), you're the only person who can log in to your account using a passkey. If someone else got ahold of your computer and tried to log in using their fingerprint, it wouldn't work, because your passkey (and therefore your computer) only recognises your fingerprint.

Passkeys are also excellent protection against phishing attacks, as they’ll only work on the real Cliniko login page.

Even if you have 2FA set up, we strongly advise using passkeys. Having as many layers of security as possible to protect your account is important. Plus, if you have 2FA turned on, a passkey will also allow you to bypass that step upon login as your device will recognise you as "you" with your existing credentials plus the passkey.

It's not, but we strongly recommend that you do.

Only if you also have 2FA enabled. You can use your email, password, and 2FA to get logged in even if you no longer have the device that you originally set your passkey up on. If this happens (you lose a device), we recommend deleting the passkey associated with that device once you've logged in using 2FA, and setting up a new passkey.

If you do not have 2FA enabled on your profile, an administrator of your Cliniko account will be able to delete your passkey so that you can log in. If you are the only administrator on the account, please contact our support team for help.

No. Only you can set up a passkey, and it has to be done when you're logged in to the device you use Cliniko on.

No. Sharing passkeys doesn't work, because passkeys work by using your specific device's built-in security features (such as face ID or fingerprint). It wouldn't be possible to share your passkey with someone else because your passkey is unique to you, and you alone.

Yes. If you need to delete a passkey, go into My info, and press the Manage passkeys button:

On the next page, press the Delete button:

You'll see a little box pop up asking you to confirm if you want to delete the passkey—select yes/okay, and then your passkey will be deleted.

The answer to this one is a bit odd: sort of. Let's say you use only Apple devices—maybe you have a MacBook, an iPhone, and an iPad. If you set up a passkey on any of those devices, the passkey will be saved in your iCloud Keychain, which is linked across all of your Apple devices. So if you initially set up your passkey on your MacBook, and then you want to log into Cliniko using that passkey on your iPhone, you will be able to because the passkey is saved within your iCloud Keychain's unique security settings.

If you use different types of devices (such as a MacBook and an Android phone), you would need different passkeys, simply because Android doesn't offer support for iCloud Keychain (since that's unique to Apple), and vice-versa. Once you've created passkeys on different devices, you would have the option to select one of them to use when logging, though—let's say you've set up a passkey on your Android phone (the passkey would be saved in Google Password Manager), but you're logging into your MacBook. When entering your email address on the login page, you'd see an option to select which passkey to use:

If you were on a MacBook and selected the Google Password Manager option, you would then need to have your Android phone on hand to verify the passkey (as the phone would give you a prompt to "approve" logging in on the MacBook).

That's just one example of how passkeys work for different devices, and everyone's experience will be unique depending on what type of computer you're using, what type of phone you have, and even what browser you're on.

The section above this one outlines this a bit more, but basically, different types of devices have different built-in security features. Android's default is Google Password Manager, and Apple's is iCloud Keychain. It's simply not possible to set up an Apple passkey on an Android device, and vice-versa.

No. Passkeys are unique to every account and every website. If you use a passkey to log into your email account, that passkey won't work to log you into Cliniko. Your email account's passkey may be stored in the same way on your device (i.e. Apple's iCloud Keychain), but a passkey will only work for the specific account and website it's set up for. You could have 100 passkeys saved in your iCloud Keychain or Google Password Manager, but only the Cliniko one will work for logging into your Cliniko account. (On the flip side, you wouldn't be able to use your Cliniko passkey to log into your email!)

No. Your passkey is unique to you and your device. If someone had your phone and tried to log into Cliniko with a passkey, it wouldn't work. When the phone asks for a passkey, it will only accept the unique information that you have saved within the built-in security features (such as your fingerprint or face ID). Even if your phone prompted the passkey login for someone else, they wouldn't be able to access your account because they are not you. This is why passkeys are so secure—they prevent anyone who isn't you from accessing the sensitive patient data within your Cliniko account.

If you have additional questions about passkeys, our friendly support team is just a quick message away! 💬