🔑 Passkey / WebAuthn Tester

Try registering a passkey against an in-page ephemeral relying party, then verify it. Nothing is persisted server-side — the credential lives entirely on your authenticator and an in-memory record in this tab. The credential remains saved in your authenticator (Touch ID, Windows Hello, YubiKey, password manager) unless you remove it from there manually.

1Register a passkey

Calls navigator.credentials.create() with a random challenge. Your browser will prompt you to authenticate with Face ID, Touch ID, Windows Hello, a security key, or a password manager.

Authenticator preference Resident key

2Verify the passkey

Calls navigator.credentials.get() with a fresh random challenge. You'll authenticate again, and we'll verify the signature against the public key from step 1.

User verification

Registration details

Verification details

📚 What's happening under the hood

Register: the page generates a random challenge and asks your authenticator to mint a new keypair scoped to this origin. The public key plus an attestation come back; we hold the public key only in this tab.
Verify: the page generates a fresh challenge. Your authenticator signs SHA-256(clientDataJSON) together with authenticator data, then sends a signature back. We verify it against the public key from step 1 using Web Crypto.
Phishing resistance: the signature commits to the origin of the page. A look-alike site (funwithtext.co) can't reuse signatures from funwithtext.com even if it tricked you into authenticating.

🧹 Cleaning up

The passkey you create here lives on your authenticator until you delete it. To remove it:

iCloud Keychain (iOS/macOS): Settings → Passwords → search for "funwithtext.com"
Google Password Manager: passwords.google.com → search for "funwithtext.com"
1Password / Bitwarden / Dashlane: search for "funwithtext.com" in your vault
Security key: many keys store passkeys; use your key vendor's manager app to remove

🧰 Related privacy tools

🔐 Permissions 🧬 Fingerprint 🔑 Password Generator 🪪 JWT Decoder