← prev next →

Don't implement passkeys. Five Day 2 issues explained

friction surfacing validated

A detailed critique highlights five specific problems encountered during the early post-launch phase of passkey authentication systems.

This matters because early technical and usability frictions in passkey implementation reveal that transitioning foundational security technologies requires robust developer support and user education to overcome inertia and avoid erosion of trust.

Signal Analysis Investment Analysis Research Analysis Source

Signal Analysis

Tension

Organizations seek to adopt more secure and user-friendly passkey systems, but technical challenges and user experience issues in the early days are creating resistance and hesitation among implementers.

Binding Constraint

Limited developer expertise and integration tooling around passkey technology, combined with immature standards and inconsistent user platform support, constrain smooth implementations at scale.

Who Benefits

Developers and companies providing robust passkey integration tools, security training providers, and alternative authentication vendors that offer easier interim solutions may benefit. Security-conscious users stand to benefit from eventual improvements.

Who Loses

Organizations rushing to adopt passkeys without sufficient support or understanding, early adopters facing user frustration, and traditional password management providers may lose relevance if passkeys mature.

Mechanism

Highlighting early implementation issues → organizations delay or avoid passkey adoption → continued reliance on passwords and legacy authentication → sustained demand for password management solutions and incremental security patches → slower transition to modern authentication → extended window of phishing/vulnerability risk → increased opportunity for vendors addressing legacy challenges.

Exposure Pattern

Companies and tools with significant revenue from legacy password management and authentication solutions; developer-facing security tooling providers focusing on easing passkey adoption; enterprises with large, diverse device fleets requiring complex authentication.

Larger Trend

Growing movement towards passwordless authentication and enhanced digital security protocols reflecting a broader shift in identity management.

Historical Parallel

Mirrors early adoption challenges seen with multi-factor authentication rollouts, where initial technical and user experience problems slowed uptake before broader acceptance.

Investment Analysis

validated

Detailed, recent evidence reveals large enterprises are facing meaningful technical and user-experience obstacles in moving to passkey-based authentication, resulting in slower-than-anticipated migration away from passwords. Okta’s own user data substantiates that passwordless adoption remains niche, with the vast majority of workforce sign-ins still relying on legacy methods. This bottleneck matters as it extends the commercial relevance—and revenue tail—of established authentication products and incremental security features.

Thesis Direction

If friction in passkey implementation continues to delay the shift to passwordless authentication within enterprises, then Okta stands to benefit through prolonged demand for its traditional and incremental authentication products, underpinning core subscription revenue. This effect is not currently pulled through in consensus modeling, as most focus on migration velocity or headline product adoption rather than delays caused by technical immaturity, user inertia, and platform fragmentation. As a result, actual revenue decay from legacy solutions may be slower than analysts expect, supporting Okta’s topline resilience for longer.

Arbitrage Assessment

The signal is observable and validated by Okta’s own recent report: password use is down only marginally (from 95.1% to 93%), and full passwordless journeys remain rare (7% as of Jan 2025). No direct analyst or media commentary frames technical frictions in passkey adoption as an unmodeled support for Okta’s legacy recurring revenue. With nearly all of Okta revenue exposed, and the mechanism not yet flagged in sell-side research, this is a real, current information arbitrage.

Candidate Tickers

  • OKTA (Okta, Inc.) benefits from

    Approximately 98% of Okta's revenue is derived from its subscription business, which encompasses authentication and identity management—including both legacy password-based and incremental security offerings. Slower passkey rollout sustains demand across nearly all of Okta’s revenue base.

    Most coverage frames Okta as a pure beneficiary of passwordless migration, not as one whose 'legacy' business is extended by adoption headwinds. This is a non-obvious near-term tailwind, not typically emphasized in analyst frameworks.

    Risk: A sudden breakthrough (technical or regulatory) in passkey implementation, or a step-function change in user behavior, could sharply accelerate migration and contradict this thesis.

Catalyst Timeline

medium term

Enterprises’ slower migration will show up as steadier-than-expected (or possibly more resilient) legacy authentication revenue in Okta’s next 2-3 quarterly results, relative to consensus models projecting faster adoption of passwordless. Watch for Okta’s commentary or segment-level trends in earnings and updated Secure Sign-in Trend reports in the next 6-12 months.

Evidence

  • Okta's Secure Sign-in Trends Report 2025 (published December 9, 2025) shows that while overall password usage among workforce users decreased from 95.1% to 93.0% in one year, phishing-resistant authenticators (including FIDO2 WebAuthn/passkeys and Okta FastPass) saw a 63% increase in adoption, rising from 8.6% to 14.0% of users as of January 2025.
  • As of January 2025, 7% of Okta workforce users completed all sign-ins without a password, indicating a slow but present shift towards passwordless authentication.
  • Enterprise adoption of passkeys remains slow due to challenges like sprawling legacy systems, complex regulatory obligations, technical interoperability issues between device ecosystems (e.g., Apple and Android), and the absence of standardized solutions for passkey recovery.
  • Many enterprises struggle with passkey adoption post-implementation because users tend to stick to familiar password habits, often due to a lack of clear guidance, optimized user experience, and robust adoption strategies.
  • Okta launched support for passkeys in October 2023, aiming to simplify implementation and reduce login friction. They also promote Okta FastPass for phishing-resistant, passwordless access, especially for managed corporate devices.

Open Questions

  • What proportion of Okta’s largest enterprise contracts are contractually linked to legacy authentication feature usage versus new passwordless solutions?
  • Are there specific verticals or customer segments (e.g., regulated industries) where passkey implementation friction is especially acute, creating greater stickiness?
  • Could pricing changes or competitive responses (from Microsoft, Duo, etc.) incentivize faster switching or diminish Okta’s legacy revenue stream despite these frictions?
Research Analysis