Implement Passkeys (edited)

AzMurph · May 2023

I've been getting up to speed with passkeys over the past week with a few of my accounts now starting to support it. Once I got the hang of it, I really like it. And once you can remove the password all together, it seems really secure. Are passkeys on any short to medium term implementation roadmap?

Coach Natalie · May 2023

Hello @AzMurph,

Thanks for posting your inquiry to the Community!

I'm not aware of any plans to implement Passkeys, however, I'm not sure that we'd even be able to. When researching Passkeys, it looks like it's an authentication platform of Google's to be able to access their own products, such as Gmail and YouTube. Since Simplifi is not a Google product, I don't think this would be doable.

With that said, would you mind providing a bit more details as to what specifically you're looking for with Simplifi? Thanks!

-Coach Natalie

AzMurph · May 2023

Sounds like you haven't been looking into it yet so it'll be awhile. Passkeys are not a Google product. If you just did a web search you would see a lot of Google association to it because they just enabled it for Google accounts last week. It's supported by Google, Apple, and Microsoft to replace passwords. It's not something that any company owns or controls.

Here's a better link to start to get educated on it. I'm not an expert on it by any means, but have used it on a few accounts that have enabled it and it's pretty great from a user perspective. And since it's supposed to be more secure than passwords and two factor, double bonus. But, it's early days.

https://fidoalliance.org/passkeys/

RobWilk · May 2023

Passkeys are supported, for example, by Microsoft Edge (which i'm now using primarily on my Mac)… As a user, It works like this, on a site like google (or even Best Buy supports them), on login it asks for a fingerprint (or screen unlock) rather than a password. No passwords are exchanged, somewhere a secure 'key' was set up when the account was first installed on that machine.

Now here's a slight negative, for someone like me, who has destroyed computers and swapped out cell phones during a mental health episode, I could be left without a way to login to accounts.

Edit: I should disclose something by saying thank you to best buy for many free products that they've given me to review since 2016.

AzMurph · May 2023

For that case of changing devices, it backs up across your devices depending on what vault you use. So, your iCloud, Google account, or Microsoft Authenticator would hold the passkeys to be transferred to the new device. But I expect you would need another device (like laptop, phone, tablet) or to have a recovery code just like now with two factor authentication. I've read that 1Password and Dashlane are about to begin support of it too so that would imply all password managers like Bitwarden, etc would also get there. Here is one of 1Passwords blog post about it.

https://blog.1password.com/passkeys-vs-passwords-differences/

Anyway — I don't mean to push it too much. I'm not a tech person. I just enabled a few of accounts with it and really like using it and the idea of it. it's early so it'll be a few years for this to become standard, but financial information seems like a great place to start. On the ones I've enabled so far, they are keeping passwords as a backup for now, but I expect in a couple of years they'll then start removing the passwords once they get the majority of users on the passkeys and get the kinks worked out.

Coach Natalie · May 2023

Hello @AzMurph,

Thanks for confirming and providing additional info!

Although I'm not aware of any plans amongst our Product Team to implement Passkeys, the best way to get the request in front of them is by creating an Idea post so other users can vote on it. With that said, I did go ahead and turn this post into an Idea post requesting Passkeys.

I hope this helps!

-Coach Natalie

AzMurph · May 2023

Thanks for doing that. Much appreciated!

bharing · November 2023

Implement Passkey support to log in to Simplifi

RobWilk · November 2023

This idea exists here, it has 5 votes as of this writing:

[removed link to merged thread]

RiversideKid · July 2024

I would certainly feel better if the site required passkeys rather than passwords. The sign in process is incredibly easy with a passkey manager like 1password and MUCH more secure than using password. Different sites implement it differently, so please do not go the CVS route which seems to rely upon cookies, but something like the Google route where I can click "use passkey" would be better.

MtnCreed · October 2024

Passkey is widely considered the future of authentication. It may seem simple, but incorporating it into Quicken's web authentication would be incredibly convenient for users and match Quicken's push to become a modern, intuitive platform.

SRC54 · October 2024

I have set up a few mostly with google accounts and they have been hit or miss for me. I too use Apple products. I think it will likely be the future, so I will upvote it.

By the way, this morning with 4.29 update, I see that I was signed out and signing back in took a while. Apple never wants to find my password although it's there (and it is one of those long impossible to remember ones); it doesn't find it, so maybe a Passkey would be easier.

I am not so concerned about security as I don't have my name tied to my account nor can anyone see my account numbers in Simplifi or transfer funds within Simplifi. I am sure many on here will tell me I am wrong about this, however.

RobWilk · October 2024

The thing about a passkey, the first time you sign in (without a passkey) you need a password, then it gives you a passkey, which is basically a "saved password" ("keep me logged in") that requires either fingerprints or face id to use (just like my chrome passwords are set up right now). I don't really get the point of passkeys yet.

-Rob

SRC54 · October 2024

@RobWilk Yes, and if you don't have fingerprint or faceid on your Mac (the new Macs have it), you have to use your phone, and I haven't gotten it to work yet.

RobWilk · October 2024

@SRC54 To sign into Apple Services (like App Store Connect) if i want to use a passkey, I need to use my iPhone, it doesn't seem to accept browser based passkeys. So, you're not missing out on that. Websites like CVS (with chrome anyway) store passkeys in the browser and use the fingerprint reeader on the mac.

SRC54 · October 2024

@RobWilk Yep, and I have created some passkeys but not using them much. I have spent much of the day reconfiguring my Mac because for the second time since I've had it, my user info got scrambled and both times it was with Simplifi. It just wouldn't log me in on Safari telling me my password was bad, and like an idiot I changed it, but it wasn't the problem. I could log on on the phone and on Chromium. So I had to create a new user name and connect to the Cloud, fiddle with all my settings and get everything back where I want it. Then I delete the old user.

I wonder if it is using a Safari App that is the problem. Such a waste of time.

RiversideKid · October 2024

Passkeys are super simple with 1password.com. We use 1password on our Windows, and macOS computers and Android phones. The password functions and passkey functions are in sync and are not tied to any computer or browser. The dashboard tells us when new sites support passkeys, MFA, 2FA, etc. (I do not work for 1password, have just been really happy with the improved functionality over browser based solutions. Although I do work as a desktop support person and we use a business 1password account at work.)

RobWilk · October 2024

1Password would probably never work for me. It requires a subscription. I have (seemingly as a result of periodic thyroid issues) periods where I have financial difficulties and wind up in a hospital for up to a month, and during that time my subscription may not get paid, and all my passwords would likely be forgotten during that month, which might not be good.

-Rob

InkSeer · March 2025

Passkeys are a new platform agnostic standard for 2FA and I would love to see this feature as well. It is not dependent on 1Password or Google and can be used with any system that implements the Passkey standard: https://fidoalliance.org/passkeys/

arigoldblatt · September 2025

On Quicken login, the only MFA support is for call/text/email. This request is to implement support for authenticator apps and/or passkey support.

rmquick25 · October 2025

How do I vote to implement passkeys?

Edit - found it. My health equity account now uses passkeys and won’t connect to Simplifi.

RobWilk · October 2025

@rmquick25 At the top of this idea post, back up on the first message (on page 1 if there's more than one page) is a yellow-area with a vote count. The vote count has two arrows, up (vote up) and down (vote down), make your choice.

DryHeat · November 2025

Is this feature request suggesting that:

Simplifi implement passkeys as a way to access our Simplify account? Or...
Simplifi add the ability to download from our bank (or other) accounts that are themselves using passkeys? EDIT: I think this is done using access tokens after passkey authentication, but I don't know if Simplifi is able to do that.

I'm favor of both. But I'm not sure both are being addressed here. Is another feature request needed?

EDIT: I've been reluctant to enable passkey access on my financial accounts because I am worried that Simplifi will no longer be able to access them for me. Is that a problem?

RipTWD · November 2025

Both would be ideal, but at the very least, to access Simplifi. This is my financial hub and should be on the leading edge of security!

RobWilk · November 2025

https://community.simplifimoney.com/discussion/comment/42031#Comment_42031

For app store connect, Apple recently fixed this (yay) so i can use a passkey in the browser to sign in — my earlier comment above no longer applies,.

SRC54 · November 2025

@RobWilk Yep, apparently they made changes in the latest MacOS. They work with Google services for example. I need to set up more to see how this is going.

Attorneycop · January 19

Below is Health Equity's reply to my ticket regarding failed aggregation. It's just an fyi for everyone in this thread to be aware of Health Equity's position:

From: HealthEquity Member Services <memberservices@healthequity .com> Sent: January 19, 2026 7:58Subject: Third Party Aggragator Access [ ref:!00D300ESC.!500a60rlRhP:ref ]

Thank you for your inquiry. Due to the recent rollout of Passkey, which is designed to enhance member security, third-party financial aggregators (e.g., Quicken, Plaid, Fidelity) are currently not functioning. We apologize for any inconvenience that this has caused you.

The Passkey implementation has introduced some challenges with data aggregators, and we are actively working to resolve these issues. Resolving this requires each financial aggregator to collaborate with our HealthEquity product team and make necessary updates on their end. HealthEquity is dedicated to working with each financial aggregator to find a solution as quickly as possible.

For your convenience, our Mobile App is available in the App Store and Google Play.We appreciate you!CristineKayeHealthEquity Member Service

This is confidential correspondence intended only for the recipient. Further distribution or dissemination is prohibited. Please delete if received in error. No part may be construed as tax or legal advice. Unless indicated otherwise, this email does not constitute a "writing" under E-SIGN/UETA, i.e., no contract or agreement is implied or intended.

ref:!00D300ESC.!500a60rlRhP:ref

SRC54 · January 20

The passkeys work well on the iPhone and well with certain sites like Capital One. I just have to enter my Mac's Passcode when it asks, but didn't work well for my local bank.

That said, the password for my Quicken sites never works right. I have to type in my username (email) as it always just gives 3 dots and if I leave that alone, the verification will fail. And half the time I have to get a text with a code anyhow. I try NEVER to sign out with Quicken. It's a mess.

Oh, and why do I have to sign in again for quicken.com when I'm already signed in to Simplifi? And it's the same thing all over. So I am more than willing to change to the passkey.

Tiki_Rum_Lover · January 25

Please, please, please implement passkeys!

I may be a little paranoid, but in a day and age where nearly every day we get a news story about hackers getting into this or that, it’s bonkers to me that Simplifi relies on a username, a password, and an emailed or texted code to log into my account. It’s even more bonkers that my login to my account via the web app doesn’t time out automatically and log me out, or that a passkey enabled by biometrics isn’t required to open the Simplifi app. The TurboTax web app that I’m using to do my taxes prefers passkeys and automatically times out and while that data is sensitive, I don’t think it is nearly as sensitive as the list of all my accounts and the aggregated balances therein.

I’ve only been a user for a few weeks, but I have to admit that this one of the most concerning thing I have about this data aggregator app. I have no doubt that the data on Quicken’s servers is protected but the data on my devices doesn’t seem to the get the same treatment. The last thing I need is someone to steal my phone while it is unlocked and then get access to a list of all of the accounts that I have my money in. (A friend last year had his unlocked phone stolen right out of his hand while he was checking the bus schedule at a bus stop.) I’ve, therefore, made it a habit to log out of the Simplifi web app and close the browser tab, and I’ve forced iOS to require FaceID to launch the Simplifi app on my iPhone and my iPad. These both are standard features of every financial institution I use and should be included by default in Simplifi IMHO.

Please, please, please implement biometrically enabled passkeys ASAP.

DryHeat · January 26

I am in favor of implementing passkeys as a way to access our Simplifi/Quicken account. That seems a sensible security measure. As for implementing a system that allows Quicken to access our financial accounts using our passkeys… I'm more skeptical on that.

If it is implemented such that we provided the passkey directly to our financial account's website when we connect it to Simplifi (and thereafter Simplifi uses an access token, not the passkey, to access the account) then I think it creates no additional risk.

If it is implemented by giving Simplifi actual access to our passkeys, then I think it is a security risk.

(I'm aware that we don't actually provide our passkey to our financial accounts' websites to sign on. It's a more complicated public key / private key message exchange process. But I'm trying to make this legible.)

Tiki_Rum_Lover · January 26

Please implement passkeys to login to my Simplifi account! I might be a paranoid security nut, but in this day and age of daily notification of hacks impacting our personal information it is bonkers that a tool purposely aggregating some of our most sensitive personal information still uses a login with username and password followed with an code that is emailed or texted. TurboTax uses passkeys for their web app and that’s just my tax information!

It’s even more bonkers that the app opens fully unlocked to anyone who I might allow to use my phone or tablet! Even the web version of Simplifi stays logged in perpetually!

To increase security, I purposely log out of Simplifi on the web and close the browser tab when I am done, and have forced iOS to require FaceID to open the Simplifi app on my iPhone and iPad (Long press the app, select Require FaceID, and viola!) This way if my iPhone is stolen from my hands in an unlocked state thief doesn’t also get access to all of my financial details. (Happened to a friend who had his phone stolen while looking up bus schedules). Passkeys would be an improvement in security and it would be awesome if Simplifi would require me to use FaceID or other biometrics to unlock my financial upon launching the app!

— New Simplifi user

Implement Passkeys (edited)

Active · Last Updated May 2023

Comments

Categories