Apple is developing a 'passkey' feature that allows you to log in to web services with just Face ID or Touch ID without a password

Apple engineer Garrett Davidson is developing a new passkey feature that allows account verification using Face ID and Touch ID instead of passwords, revealed in a developer session at WWDC 2021 Did.

Move beyond passwords --WWDC 2021 --Videos --Apple Developer
https://developer.apple.com/videos/play/wwdc2021/10106/

Connecting to a Service with Passkeys | Apple Developer Documentation
https://developer.apple.com/documentation/authenticationservices/public-private_key_authentication

Apple Aiming to Eliminate Passwords With Face ID / Touch ID Passkeys --MacRumors
https://www.macrumors.com/2021/06/10/apple-icloud-keychain-passkeys/

According to Davidson, Apple plans to add passkey functionality managed by the iCloud Keychain to iOS 15 and macOS Monterey.

A passkey is a private / public key pair based on the web standard 'WebAuthn ', which is a password-free login method. iPhones, iPads, and Macs generate a public / private key pair when you create an account and send the public key to the server. It also stores public and private key pairs in your iCloud keychain to synchronize and share keys between your devices.

In addition, by authenticating the passkey with Face ID or Touch ID, you will be able to log in to the unique account of the web service without entering the password each time.

It's possible to log in to a web service using Face ID or Touch ID in iOS 14, but the first time you need to enter your ID and password in your browser, store this ID and password in your iCloud keychain. However, from the second time onward, I just call using Face ID or Touch ID. Since the password input method is vulnerable in the first place, it can be said that a passkey that supports WebAuthn is more secure.

According to Davidson, the passkey feature works only on Apple devices, but the technology can be used to implement similar features on Windows and Android. That's why Apple is also in talks with partner companies that participate in industry groups such as the World Wide Web Consortium and the FIDO Alliance, which develop WebAuthn.