Table of Contents
The rise of passkeys has prompted a question that password manager companies would rather you not think too hard about: if passkeys eliminate passwords, do you still need a password manager? The answer is a clear yes – and it will remain yes for years. This article, part of our passkeys and passwordless authentication series, explains why password managers are more important than ever during the transition to passwordless authentication, and what to look for in a credential manager that handles both.
The Scale of the Remaining Password Problem
Even the most optimistic projections for passkey adoption leave an enormous volume of password-based accounts in place for the foreseeable future. Consider the numbers:
- The average person manages approximately 250 online accounts.
- As of early 2026, roughly 20-25 percent of the top 1,000 websites support passkeys. For the broader internet, the percentage is far lower.
- Even on sites that support passkeys, most users have not yet set them up.
- Legacy accounts, enterprise applications, and niche services will take years to add passkey support.
This means that even if you aggressively adopt passkeys on every service that offers them, you will still have 150-200 password-based accounts that need strong, unique passwords. Managing those passwords without a dedicated tool means reusing passwords, using weak passwords, or maintaining an unwieldy spreadsheet. All of these approaches are security failures.
For a look at which services currently support passkeys, see our supported sites directory.
Password Managers Do More Than Store Passwords
The name “password manager” undersells what these tools actually do. Modern password managers store and manage a wide range of sensitive information:
Passwords – Obviously. But also the metadata around them: associated email addresses, usernames, URLs, and notes about each account.
Passkeys – Most major password managers now store passkeys, making them unified credential managers. 1Password, Bitwarden, Dashlane, and others have added passkey support. KeePass-compatible tools are following. See how password managers are adapting to passkeys for details.
Two-factor authentication secrets – Many password managers store TOTP secrets for two-factor authentication, generating time-based codes alongside your passwords.
Secure notes – API keys, recovery codes, software licenses, and other sensitive text that does not fit the username/password model.
Identity information – Addresses, phone numbers, and other personal data used to fill forms.
Credit cards – Stored securely for faster checkout.
Documents – Some managers support file attachments for sensitive documents like passport scans or insurance cards.
None of these use cases are addressed by passkeys. A passkey replaces the password for a specific site. It does not replace your need to store the recovery codes, secure notes, TOTP secrets, or credit card numbers associated with your digital life.
The Organizational Challenge
Even when passkeys replace passwords, the accounts themselves still need management. You need to know:
- Which accounts you have (and can close the ones you no longer use)
- Which accounts use passkeys and which still use passwords
- Where your passkeys are stored (iCloud Keychain, Google Password Manager, a third-party app)
- What fallback authentication is configured for each account
- When to review and rotate credentials that have not been upgraded
A password manager provides the organizational framework for all of this. Without it, your credential management becomes fragmented across platform credential stores, browser autofill, and memory.
For a practical approach to keeping everything organized during the transition, see managing passwords and passkeys together.
Platform Lock-In Without a Manager
If you rely solely on platform-native passkey storage – iCloud Keychain on Apple, Google Password Manager on Android, Windows Hello on Windows – you create a dependency on that platform for your credentials.
For users entirely within the Apple ecosystem, iCloud Keychain is seamless. But if you ever need to use a Windows or Android device, your passkeys are not readily available. Apple supports cross-device authentication via QR code and Bluetooth, but it is a workaround, not a solution.
A third-party password manager that stores both passwords and passkeys across platforms provides more flexibility. If you use 1Password on Mac and Windows, or Bitwarden on iPhone and Android, your credentials follow you across ecosystems.
For KeePass users, the situation is particularly relevant. The KDBX format provides maximum data portability – your credential database works with any compatible application on any platform. Tools like PanicVault bring a native Apple experience to the KeePass format, while KeePassXC provides cross-platform desktop access to the same database. For the current state of passkey support in the KeePass ecosystem, see passkeys and your KeePass database.
Security Monitoring and Hygiene
Password managers provide security features that go beyond storage:
Breach monitoring. Services like 1Password’s Watchtower and Bitwarden’s Vault Health Reports alert you when credentials appear in data breaches. This monitoring covers your password-based accounts – the ones most vulnerable to breach-related attacks.
Password strength auditing. Your manager can identify weak, reused, or old passwords that need attention. This is precisely the kind of housekeeping that matters most during the passkey transition, as it helps you prioritize which accounts to upgrade.
Secure sharing. Need to share a credential with a family member or team? Password managers provide encrypted sharing mechanisms. Passkeys, by design, are personal and cannot be shared this way.
Emergency access. What happens if you are incapacitated and a family member needs access to your accounts? Password managers offer emergency access features that allow designated contacts to request access after a waiting period. Passkeys, tied to your biometrics and devices, do not have this capability.
The Business Case for Password Managers
For professionals, teams, and families, password managers solve problems that passkeys do not address:
Shared accounts. Many businesses use shared accounts for social media, shared email inboxes, or SaaS tools that do not support multiple seats. Passkeys are individual – they cannot be shared. Passwords stored in a team vault can be.
Onboarding and offboarding. When a team member joins or leaves, password managers make it straightforward to grant or revoke access to shared credentials. Passkeys have no equivalent mechanism.
Compliance and auditing. Some industries require documentation of who has access to what credentials. Password managers provide audit trails. Passkey-based access is harder to centrally audit.
Family password sharing. Sharing the Netflix password, the home WiFi password, or login credentials for shared household accounts is a practical reality for families. Password managers with family plans (1Password, Bitwarden, and others) handle this gracefully.
What to Look for in a Password Manager Today
Given the evolving landscape, here is what to prioritize when choosing a password manager:
Passkey Support
Your password manager should be able to store and use passkeys, not just passwords. This turns it into a unified credential manager. 1Password, Bitwarden, and Dashlane all support passkeys. KeePass-compatible applications are adding support as the KDBX format evolves.
Cross-Platform Availability
Choose a manager that works on all the platforms you use. If you are within the Apple ecosystem, iCloud Keychain plus a KeePass-compatible app like PanicVault provides excellent coverage. If you cross platforms, Bitwarden or 1Password offers the broadest support.
Data Portability
The ability to export your data in standard formats is important. What if the company behind your password manager changes its pricing, gets acquired, or shuts down? The KeePass ecosystem leads here with the open KDBX format, but even cloud-based managers should offer CSV or JSON export.
Security Architecture
Look for zero-knowledge encryption (the provider cannot read your data), strong key derivation (Argon2 preferred), and regular third-party security audits. Open-source code is a bonus for transparency.
Autofill Quality
Your password manager needs to work reliably for both passwords and passkeys in your browsers and apps. On Apple devices, integration with the system autofill framework determines how smooth the experience is in Safari and native apps.
For detailed comparisons, see our guide to the best password manager for Mac and the best password manager for iPhone.
The Timeline: When Might Password Managers Become Optional?
Realistically, password managers will remain essential for at least the next five to ten years. Here is a rough timeline:
2026-2027: Major consumer services widely support passkeys. You reduce your active password count from ~250 to maybe ~150-180, but still need a manager for the rest.
2028-2030: Passkey support reaches mid-tier websites and many enterprise applications. Your password count drops further, but legacy accounts and niche services persist.
2030+: Even if the majority of your accounts use passkeys, password managers will have evolved into general-purpose credential and identity managers that store passkeys, recovery codes, secure notes, identity documents, and more.
The password manager is not going away. Its role is expanding, not shrinking. The best tools are already adapting to become the single place where you manage all your digital credentials, regardless of whether they are passwords, passkeys, or something new.
Practical Recommendations
Keep using your password manager. Do not stop because you have set up a few passkeys. You have hundreds of other credentials that need protection.
Choose a manager that supports passkeys. If your current tool does not support passkey storage, consider migrating to one that does. Having everything in one place simplifies your security.
Upgrade accounts to passkeys where possible. Use your password manager’s auditing features to identify high-priority accounts that support passkeys and have not been upgraded.
Maintain fallback passwords. Even on passkey-enabled accounts, keep your fallback passwords strong and stored in your manager. A weak fallback password undermines passkey security.
Review your credential landscape quarterly. Check for new passkey-supporting services, close unused accounts, and ensure your security posture is current.
The passkey revolution is real and welcome. But revolutions take time, and the interim period requires the same tools that got us through the password era – just smarter, broader, and better integrated with the technology that is replacing passwords.
