LoginOS
ADR-001 Accepted

Should we force passkeys?

Recommendation

No. Introduce progressive opt-in first.

Context

Passkeys offer clear phishing-resistance (the credential is bound to the relying-party origin, so a look-alike site cannot collect it) and usability gains, and it is tempting to mandate them at signup to accelerate adoption and simplify the login surface.

Options considered

  • Force passkey enrollment at signup

    Require every new account to register a passkey before completing signup, with no password fallback offered.

  • Progressive opt-in

    Offer passkey enrollment at high-motivation moments (post-login, post-recovery, account settings) while keeping existing methods fully available.

  • No passkey support

    Do not invest in passkeys yet; wait for broader ecosystem and member-device maturity.

Rationale

Forcing enrollment at signup, before any trust or value has been established, produces high abandonment, and with no password fallback it permanently locks out members whose device has no platform authenticator or who are signing up on a shared browser where a synced passkey should not be created. Progressive opt-in captures the same long-term adoption without the drop-off, and matches how Google and Apple introduce passkeys today (see [Benchmarks](/benchmarks)).
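A capability check and prompt gate for the progressive opt-in path, as an added example that is not LoginOS code. The WebAuthn static methods PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable() and isConditionalMediationAvailable() are real browser APIs; the account fields, the 30-day decline cooldown, the moment names and the fake browser global used for the demo are assumptions:

```javascript
// Added example, not LoginOS code: gate the progressive passkey opt-in prompt
// on real device capability and on account state, and never block signup/login.
// Assumptions (hypothetical): account.hasPasskey, account.passkeyDeclinedAt (ms epoch),
// a 30-day cooldown after a decline, and the three moments named in the ADR.

const OPT_IN_MOMENTS = new Set(["post-login", "post-recovery", "account-settings"]);
const DECLINE_COOLDOWN_MS = 30 * 24 * 60 * 60 * 1000;

// Synchronous presence check for the WebAuthn capability API. Never throws, so an
// old browser or a non-browser runtime means "do not offer", not "stop the flow".
function webauthnApiPresent(g = globalThis) {
  const pkc = g && g.PublicKeyCredential;
  return typeof pkc === "function" &&
    typeof pkc.isUserVerifyingPlatformAuthenticatorAvailable === "function";
}

// Probe the live API. Fails closed: any rejection, non-boolean result or timeout is
// false, because a wrong "true" would prompt a member whose device cannot enroll.
async function detectPasskeyCapabilities(g = globalThis, timeoutMs = 2000) {
  const none = { platformAuthenticator: false, conditionalUi: false };
  if (!webauthnApiPresent(g)) return none;
  const pkc = g.PublicKeyCredential;

  const probe = async (call) => {
    let timer;
    try {
      const result = await Promise.race([
        call(),
        new Promise((resolve) => { timer = setTimeout(() => resolve(false), timeoutMs); }),
      ]);
      return result === true;
    } catch {
      return false;
    } finally {
      clearTimeout(timer);
    }
  };

  const platformAuthenticator = await probe(() => pkc.isUserVerifyingPlatformAuthenticatorAvailable());
  // Conditional UI (passkey autofill) is newer; a missing method means unsupported.
  const conditionalUi = typeof pkc.isConditionalMediationAvailable === "function"
    ? await probe(() => pkc.isConditionalMediationAvailable())
    : false;
  return { platformAuthenticator, conditionalUi };
}

// Policy decision for one page view. Returns the reason so the decision can be logged
// and the opt-in funnel measured (the ADR's main risk is a slower adoption curve).
function shouldOfferPasskeyEnrollment({ moment, account, capabilities, now = Date.now() }) {
  if (!OPT_IN_MOMENTS.has(moment)) return { offer: false, reason: "not an opt-in moment" };
  if (account.hasPasskey) return { offer: false, reason: "already enrolled" };
  if (!capabilities.platformAuthenticator) return { offer: false, reason: "no platform authenticator" };
  if (account.passkeyDeclinedAt != null && now - account.passkeyDeclinedAt < DECLINE_COOLDOWN_MS) {
    return { offer: false, reason: "declined within cooldown" };
  }
  return { offer: true, reason: "eligible" };
}

// Constructed stand-in for a browser global so the example runs outside a browser:
// platform authenticator present, conditional UI probe throws (older browser).
const FAKE_BROWSER = {
  PublicKeyCredential: Object.assign(function PublicKeyCredential() {}, {
    isUserVerifyingPlatformAuthenticatorAvailable: async () => true,
    isConditionalMediationAvailable: async () => { throw new Error("not supported"); },
  }),
};

detectPasskeyCapabilities(FAKE_BROWSER).then((caps) => {
  const decision = shouldOfferPasskeyEnrollment({
    moment: "post-recovery",
    account: { hasPasskey: false, passkeyDeclinedAt: null },
    capabilities: caps,
  });
  console.log(caps, decision);
});
```

Capability detection cannot distinguish a shared browser from a personal one, so the prompt stays dismissible and the decline is recorded rather than retried on every page; the password and itsme/CSAM paths remain available regardless of the decision, which is what keeps this option from reproducing the lock-out of forced enrollment.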

Risks

  • Slower passkey adoption curve than a forced rollout.
  • Requires maintaining password and itsme/CSAM paths in parallel for longer, so the phishing-resistance gain applies only to members who have enrolled; the fallback paths remain the weakest link until they can be retired.