Altitude is passwordless. Instead of a password, you sign in and approve sensitive actions with a passkey: a modern, phishing-resistant credential that lives on your device or in your password manager. This article explains what passkeys are, how Altitude uses them, and which passkey providers we support.
What is a passkey?
A passkey is a pair of cryptographic keys that replaces a password. The private key stays securely on your device or in your password manager and never leaves it. Altitude only ever sees the matching public key. You unlock it with something you already use, like Touch ID, Face ID, or your device PIN.
Passkeys are an industry standard (WebAuthn/FIDO2) built into modern devices and browsers, so there is nothing new to install.
How passkeys differ from passwords:
Nothing to remember or reuse. There is no password to create, type, or recycle across sites.
Nothing to leak in a breach. Altitude never stores a password that could be stolen or phished.
Phishing-resistant. A passkey is tied to Altitude's real domain and won't work on a lookalike site.
Unlocked by you. Your biometrics or device PIN approve each use.
Why Altitude uses passkeys
Your Altitude workspace holds real funds and is self-custodial, so account security matters. Passkeys give you strong, phishing-resistant protection without the weak link that passwords create.
Passkeys are one layer of Altitude's enterprise security model, which protects each personal account with three credentials:
Primary key: your passkey or a YubiKey, used to sign in and authorize actions.
Primary email (2FA): a second factor used when you approve payments and other sensitive actions.
Recovery email: a backup on a different domain, used to regain access if you lose your primary email.
Together these protect against a single point of failure. To learn more, see Enterprise security on your Altitude account and workspace.
Where you use your passkey
You'll use your passkey in two main places:
Signing in. Your passkey replaces a password at login.
Approving sensitive actions. When you approve a payment, sign a transaction, or take another security-sensitive action such as removing a member, Altitude asks you to confirm with a six-digit code sent to your primary email. You won't need your passkey again while you're signed in.
Staying signed in
For your security, you stay signed in for about 30 minutes. Shortly before your session ends, Altitude asks whether you want to stay signed in. If you don't respond, you're signed out automatically, and you sign back in with your passkey.
Setting up your passkey
You create your passkey when you open an account, or when you're prompted to complete a one-time security upgrade on an older account. Setup takes about two minutes:
Choose where to store your passkey: your device's biometrics, a supported password manager, or a YubiKey.
Confirm with Touch ID, Face ID, your device PIN, or your YubiKey.
Add a recovery email on a different domain from your primary email, and enter the six-digit code sent to it.
Tip: Store your passkey somewhere you can reach it from every device you use for Altitude. Password managers like 1Password and Dashlane sync your passkey across your devices automatically.
For the full signup walkthrough, see Open an account.
Supported passkey providers
You can store your Altitude passkey with most major providers. The following are confirmed to work:
1Password
Dashlane
LastPass
Apple passkeys on iPhone (iOS)
Google Chrome
YubiKey
Important: Windows Hello is not supported. If you're on Windows, store your passkey in a supported password manager (such as 1Password) or use a YubiKey. Avoid saving your Altitude passkey to Windows Hello, even if your browser suggests it, especially if you already use another password manager.
Coming soon: NordPass support is in progress.
Troubleshooting
I got an error creating or using my passkey. This usually means your passkey is stored with a provider we don't support yet, such as Windows Hello. Set up your passkey again using one of the supported providers above.
The passkey prompt timed out. Passkey approval has a short time limit. If the prompt closes before you confirm, just start the action again.
My recovery email code didn't arrive. Codes usually arrive within a minute, but can occasionally take a few minutes. Check your spam folder, and request a new code if needed.
I lost the device with my passkey. You can regain access using your recovery email. If you're still locked out, contact Altitude support.