Passwordless adoption moves from hype to habit

With the average person juggling more than 300 credentials and credential abuse still the top attack vector, the password’s decline is long overdue. Across every major sector, organizations are changing how users log in, and new data shows the shift is picking up speed.

The 2025 Dashlane Passkey Power 20 report, based on millions of anonymized web and mobile authentications, tracks which services are leading the move to passkeys worldwide.

E-commerce takes the lead

Retail is driving most of the passkey traffic. E-commerce platforms account for nearly half of all passkey authentications. Amazon alone represents 39.9 percent, followed by eBay, Lowe’s, Home Depot, and Target. These companies are using passwordless sign-ins to cut down on checkout friction and reduce account takeovers.

When users aren’t asked to choose between passwords and passkeys, adoption rises quickly. The report notes that passkey authentications overall have more than doubled in a year, reaching 1.3 million per month, while 40 percent of users now store at least one passkey.

Business platforms gain traction

Adoption isn’t limited to consumer apps. Business-facing software is showing strong growth, led by HubSpot and Okta, which both launched passkey support within the last year. HubSpot has seen login success rates rise by a quarter and login times become four times faster than with passwords or two-factor authentication. Okta’s inclusion in the top twenty signals growing enterprise acceptance.

Cisco Duo and other B2B tools are also helping normalize passkeys in corporate environments. This means fewer password resets, fewer help desk tickets, and fewer compromised accounts. For companies running large identity infrastructures, the operational benefits add up quickly.

John Bennett, CEO of Dashlane, told Help Net Security that while enthusiasm is high, some industries will move slower than others. “Highly regulated industries and those that are sensitive to higher assurance authentication needs, such as healthcare, federal, banking, and insurance, will naturally have a longer tail of adoption,” he said. “In the report we’re encouraged to see industries that have often taken awhile to adopt new technologies beginning to embrace passkeys as a means for users to securely access services.”

He added that for complex enterprise environments, the transition will take time. “The move away from password use will happen more gradually as organizations must take into account how they manage passkeys and user access workflows if they are to avoid leaving security gaps,” Bennett said.

Crypto and finance go passwordless

Financial and cryptocurrency platforms are among the most aggressive adopters. Coinbase, Binance, and Kraken all rank in the top twenty. The report links this to the high stakes of protecting digital assets.

Gemini stands out for going a step further. In May 2025, the exchange began requiring all users to create a passkey before accessing their accounts. That move produced a 269 percent rise in authentications, signaling that mandatory passwordless access is gaining traction in sectors where trust and security are inseparable.

Fintech firms Mercury and PayPal also reported steady growth, helping cement passkeys as a standard login method for financial transactions.

Big tech’s different paths

The report separates Google and Apple from the main rankings because their influence distorts the numbers. Google accounts for roughly half of all passkey activity measured. Its authentications grew 352 percent after it made passkeys the default login for personal accounts in late 2023. That decision exposed hundreds of millions of users to passwordless sign-ins, turning a niche technology into an everyday experience.

Apple’s approach has been slower, shaped by its focus on platform control. Until recently, Apple’s passkeys couldn’t be exported to third-party managers, but that changed with iOS 26 in September 2025. The update introduced credential portability, allowing users to move passkeys between Apple’s built-in manager and others through a new standard called Credential Exchange.

Microsoft joined the movement in May 2025, making passkeys the default sign-in for all new Microsoft accounts. That change drove a 120 percent increase in authentications. Bennett said these kinds of changes are important to the broader shift. “Zero passwords should be the goal, and we’re certainly moving towards a point where the password begins to disappear,” he said. “Much of passkey adoption can be traced back to major enterprise platforms making passkeys the default authentication method.”

Even so, he noted that traditional passwords will linger. “Passwords continue to serve essential roles for many applications, largely because legacy systems require a longer-tail transition period when implementing new practices. As we see adoption rise, it becomes a question of how we can provide a seamless transition and user experience.”

Beyond Passwords: A Guide to Advanced Enterprise Security Protection