Arizona State University enhances cybersecurity with new passkey login system

Sophie Jones

December 7, 2025

Arizona State University is constantly evolving its security frameworks to stay ahead in the ever-changing digital landscape. As new cybersecurity threats emerge, ASU continues to strengthen its defenses. This includes introducing advanced features and proactive safeguards that help every Sun Devil work, learn and collaborate in a secure environment.

What’s new?

Beginning January 1, ASU community members will notice an update to the ASU Single Sign-On login page when visiting My ASU and other ASU sites, as a new passkey authentication feature is introduced. We assure you that these changes to the My ASU portal are legitimate. Concerned or suspicious users are advised to verify what they see against our video of the expected change below and to continue scrutinizing any browser security warnings or alerts.

Please note: The passkey implementation process is subject to minor design modifications as the project continues to undergo functionality enhancements. Should any substantial changes occur, the video above will be updated to ensure that all Sun Devils have access to an accurate and current representation of the steps involved in implementing a passkey on their account.

What is a passkey?

Passkeys are a secure alternative to traditional passwords, authorizing logins based on a combination of factors: something you have (your device), something you know (a PIN code assigned to your device), and, optionally, something you are (e.g., fingerprint or facial recognition).

Relying on a technique called asymmetric cryptography, passkeys use a system of public and private keys that, together, verify that the person who registered the device is the person logging in. Passkeys are unique to each account, stored securely on your device(s), and can be synced across different devices.

Why are passkeys preferred?

Passkeys eliminate the need for passwords or codes that can be stolen, and protect users from the risk of being tricked into revealing their credentials or entering them on fake websites during phishing attacks. Passkeys provide additional protection against phishing and fraud by leveraging a digital key system that enhances account security beyond what traditional passwords can offer.

If I choose to use my biometric data, how will ASU store this information?

Arizona State University does not collect or store any biometric data. Biometric authentication is processed solely on the device a user chooses to log in with, by that device, rather than by the University. ASU receives only confirmation or rejection of authenticity from the passkey-enabled device, and thereafter sanctions login without receiving any biometric data. As previously communicated, biometric passkeys are entirely optional.

Passkey adoption is voluntary, and community members will be able to log in as they usually would. However, ASU encourages all affiliates to create a passkey, as this approach provides stronger protection for sensitive information.

Thank you for your attention and cooperation as we continue to strengthen the security of our digital environment.