imKey Pass Manaul
Get Started
See all articlesWhat Is a Passkey?
A Passkey is a safer and more convenient way to sign in without using a traditional password. In simple terms, it lets you verify your identity through your phone, computer, or hardware security device — for example, by using your fingerprint, face recognition, device lock screen password, PIN, or hardware security key to sign in to apps and websites.
Compared with traditional passwords, Passkeys do not require users to remember complex passwords or reuse the same password across different platforms. This helps reduce risks such as weak passwords, password leaks, credential stuffing, and phishing websites.
Note: Passkey availability may vary depending on your phone model, system version, browser, credential manager, or manufacturer support. If your device does not currently support Passkeys, you may not be able to create or use a Passkey account. Please follow the actual in-app instructions or contact your device manufacturer for details.
How does a Passkey work?
Passkeys are based on public-key cryptography. When you create a Passkey for an app or website, your device generates a key pair: a public key and a private key.
The public key is stored on the app or website server and is used to verify your identity. The private key is stored on your phone, computer, credential manager, secure chip, or hardware security device, and is never sent to the app or website.
When you sign in with a Passkey, the app or website sends a verification request to your device. After you confirm with your fingerprint, face recognition, device password, PIN, or hardware device, your device signs the request with the private key. The server then uses the public key to verify the signature. Once verified, you can complete the sign-in process.
In other words, your identity is verified using the private key stored on your device, rather than a password you type in.
What is the relationship between Passkeys and fingerprint or face recognition?
Many people think of Passkeys as “fingerprint sign-in” or “face sign-in,” but that is not entirely accurate.
Fingerprint, face recognition, or device PIN is only used to unlock the Passkey private key stored locally on your device. Apps and websites do not receive your fingerprint or face data, nor do they directly use these biometric details to verify your account.
You can think of fingerprint, face recognition, or PIN as the way to “unlock the key,” while the Passkey is the actual “key” used for sign-in verification.
What is a hardware Passkey?
In addition to Passkeys stored on phones, computers, or credential managers, there is also a more independent form: hardware Passkeys.
A hardware Passkey usually refers to a hardware security key or hardware authenticator that supports FIDO2 / WebAuthn standards. Unlike Passkeys stored on phones or computers, the private key of a hardware Passkey is usually stored only inside the hardware device and cannot be exported to a computer, phone, or cloud account.
Take imKey Pass S6 as an example. It is a hardware Passkey with fingerprint verification, designed based on the FIDO2 standard. It can be used with websites and apps that support Passkey / security key sign-in. When you use imKey Pass S6 to sign in to an account, you need to connect the device to your computer or phone and confirm the operation with your fingerprint, PIN, or other supported method. The device completes signature verification locally, while the website or app only receives the verification result and does not obtain the private key used for sign-in verification.
Therefore, hardware Passkeys such as imKey Pass S6 are more like independent physical keys. They are suitable for users who have higher account security requirements and want to reduce reliance on cloud-based synchronization.
Is a Passkey the same as a wallet private key or mnemonic phrase?
No.
A Passkey is usually used to prove that “you are the person signing in or performing account-level identity verification,” while a wallet private key and mnemonic phrase represent control over on-chain assets.
A hardware Passkey is also not the same as a hardware wallet. A hardware Passkey is mainly used for account sign-in and identity verification, while a hardware wallet is mainly used to generate and store wallet private keys and sign on-chain transactions locally. Both can improve security, but they protect different things and are used in different scenarios.
Therefore, using a Passkey does not mean you can ignore wallet security. You should still carefully protect your mnemonic phrase, private key, devices, transaction signing details, and approval risks.
What should you keep in mind when using a Passkey?
First, protect your phone, computer, or hardware security device. Do not share your device password, system account password, credential manager account, or hardware device PIN with anyone.
Second, after enabling Passkeys, it is recommended to set up a backup device, backup Passkey, backup security key, or account recovery method in advance, so you can avoid losing access if your device is lost.
Finally, although Passkeys can reduce the risk of password phishing, you should still stay alert to fake websites, fake apps, and malicious links. In Web3, sign-in verification and on-chain transaction signing are two different things. Before every signature or approval, carefully check the transaction details, target website, and contract information.
Summary
A Passkey is a passwordless sign-in method based on public-key cryptography. It allows users to sign in with a fingerprint, face recognition, device password, PIN, or hardware security device, while reducing the risks of password leaks, password reuse, and phishing.
If you want to further improve account security, you can also choose a hardware Passkey such as imKey Pass S6, which stores the private key used for sign-in verification in an independent hardware device.
However, passkeys are not a complete security solution. Whether you use a Passkey on your phone or an independent hardware Passkey, you still need to protect your devices and account recovery methods, and stay cautious when dealing with wallet assets, on-chain signatures, and contract approvals.
imKey Pass S6 — Quick Start Guide
1. What is imKey Pass S6?
imKey Pass S6 is a fingerprint-enabled security key (hardware passkey) based on the FIDO2 standard. Its core features include:
- Fingerprint + PIN dual-factor, supporting passwordless login / strong two-factor authentication
- Supports FIDO2 / FIDO U2F protocols — works with Google, GitHub, Amazon, OKX, and other websites that support passkeys or security keys.
- USB-C interface, compatible with mainstream systems like Windows / macOS and modern browsers.
- Built-in fingerprint sensor for local identity verification with a simple touch.
In simple terms:
imKey Pass S6 is your physical passkey —using your fingerprint instead of passwords. One device unlocks many accounts and also serves as a secure identity entry point for Web3.
At the same time, imKey Pass S6 can create Web3 accounts and be used together with imToken Web (https://web.token.im/).
2. Before You Start
1) Hardware and System Requirements
- A computer (Windows / macOS are both supported)
- One available USB-C port
- USB-A users can use an official or high-quality USB-A to USB-C adapter
- Up-to-date browser such as:
- Chrome / Edge / Safari / Firefox (must support FIDO2 / Passkeys)
2) Websites Currently Tested With imKey Pass
The following services have been tested to work with imKey Pass (but are not limited to):
Common account services:
- Google (Google Account: Passkey)
- GitHub (developer account: Passkey)
- Amazon (Amazon: Passkey)
- X.com (formerly Twitter: U2F Security Key)
- AWS (Amazon Web Services: Passkey)
Crypto exchanges:
- OKX (Passkey / physical security key)
- Binance(Passkey / physical security key)
📌 Note: Websites may use different terms—Passkey / Security Key / FIDO Key—they refer to the same type of FIDO2 device.
3. First-Time Setup: Add a imKey Pass to Google Account
(This process also initializes your PIN and fingerprint.)
Step 1: Log in to Your Google Account and Open Security Settings
- Open any Google page in your computer browser.
- Sign in with your existing login method.
- Click your avatar in the upper-right corner → select “Manage Your Google Account”.
- In the left-hand menu, go to the “Security and Login” section.
Step 2: Go to the “Passkeys and Security Keys” Management Page
- In “Ways to sign in to Google” (or similar), find “Access key and security”.
- Click “Access key and security” to open the settings page.
Step 3: Add a New Passkey / Security Key
- Click “Create a passkey”.
- Your browser will pop up a system security dialog. Click “Replacement equipment” .
Step 4: Plug in imKey Pass S6 and Follow the Prompts
- Insert imKey Pass into the USB-C port of your computer.
- If you are using an adapter, plug in the adapter first, then insert imKey Pass.
- Wait for the system to recognize the device. Your browser will automatically display a FIDO security key setup window.
- If this is your first time using imKey Pass, the system will ask you to:
- Set or enter a PIN
- Then add fingerprint authentication (some systems guide fingerprint enrollment afterward)
Step 5: Set the PIN Code for imKey Pass (First-Time Only)
- In the system popup window, enter the PIN code you want to set for imKey Pass:
- It is recommended to use at least 6 digits, and avoid weak PINs like your birthday or phone number.
- Re-enter the PIN to confirm and complete the setup.
Once the PIN is set, when you use imKey Pass on a new device in the future, you may be asked to enter the PIN first and then verify your fingerprint.
Step 6: Add Fingerprints and Complete Passkey Binding
- After the PIN is verified, the page will prompt you to touch the fingerprint sensor on your security key to add a fingerprint.
- Lightly touch the round fingerprint area on imKey Pass with the finger you want to enroll to complete identity verification.
Explanation:
In the process above, adding a passkey in Google actually equals:
- Completing the first-time initialization of imKey Pass, and
- Binding this key as a passkey in your Google account.
After this, you will see a new entry in the “Passkeys & security keys” list.
4. Final Notes
imKey Pass is designed to make secure login effortless and sustainable.
All you need is to plug in the device + touch your fingerprint, and you can securely access multiple websites and Web3 services using one physical passkey.
When used together with the imKey hardware wallet, you can separate roles as follows:
- imKey Hardware Wallet → long-term cold storage for digital assets
- imKey Pass → secure login for important accounts + daily Web3 identity gateway
If you encounter any problems during actual use, feel free to contact us at support@imkey.im
We’re always here to help you hold smart and stay safe.
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.
Daily operations and scenarios
See all articlesHow to Enable imKey Pass S6 on your Microsoft Account (Security Key / Passkey)
A Microsoft personal account (Microsoft Account) supports FIDO2/WebAuthn security keys as one of the sign-in and verification methods. After you add imKey Pass S6, you can verify sign-ins and sensitive security actions by plugging in the hardware key and completing local verification (fingerprint/PIN), significantly improving phishing resistance and account protection.
Before you start
Please make sure you have the following ready:
- A way to connect a USB-C security key (if your device only has USB-A, use a high-quality adapter).
- imKey Pass S6 is working properly.
- It’s recommended that you have already configured a PIN and enrolled your fingerprints on your computer.
1. Add imKey Pass S6 to your Microsoft Account (Web, recommended)
- Open the Microsoft Account page and sign in normally.
- Go to Security → Manage how l sign in.
- Click Add another way to sign in to your account.
- Choose Face, fingerprint, PIN, or security key (add a new sign-in or verification method).
- Insert imKey Pass S6. When the passkey prompt appears, select Key ID in the pop-up window.
- You’ll see “Setting up your passkey…”. Click Next.
- Follow the prompts and touch the fingerprint sensor to complete registration.
- After it’s added successfully, name the key (e.g., imKey Pass ) for easier management later.
- Once finished, confirm the security key appears in the list, and keep at least one backup sign-in/verification method.
2. How and When to Use It?
Once added, the security key will typically be triggered during:
- Signing in to your Microsoft Account on a new device or a new browser
- Accessing security-sensitive pages (e.g., changing security settings, managing verification methods)
- Performing critical actions that require you to prove it’s you
When prompted to use a security key:
Insert imKey Pass S6 → touch the fingerprint sensor (as prompted) → verification completes.
3. Manage or remove your security key
If you want to remove a passkey/security key, go to the Microsoft security options page, find the passkey in the list, select it, and delete it.
⚠️ Strongly recommended: Make sure you still have another available sign-in/verification method before removing the security key, so you don’t get locked out of your account.
Important security tips
- Separate primary and backup keys: carry the primary key and store the backup key in a different location.
- Keep PINs Separate: Do not store your PIN together with the physical key to prevent unauthorized access if lost.
- Keep at least one backup verification method: in case the key is lost or damaged.
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.
How to Use imKey Pass S6 with Discord
Discord now supports Passkey sign-in. By adding imKey Pass S6 as a passkey, you can log in using local verification on the hardware key (fingerprint)—no traditional password required.
This not only improves convenience, but also significantly enhances physical security and phishing resistance for your Discord account.
Before You Start
Please make sure the following requirements are met before proceeding:
- Discord app is installed and you are logged in.
- A USB-C security key can be connected.
- If your device only supports USB-A, use a high-quality adapter.
- imKey Pass S6 is functioning properly.
- It is recommended that you have already:
- Set a PIN on your computer.
- Enrolled your fingerprint on imKey Pass S6.
Adding imKey Pass S6 to the Discord App
- Open the Discord app.
- Click your profile avatar in the bottom-right corner.
- Click Settings (gear icon) in the top-right.
- Go to Account → Security Keys.
- On the Security Keys & Passkeys page, click Add (top-right).
- Insert imKey Pass S6
- When prompted to add a passkey, click More Options.
- Select Use Security key.
- Follow the on-screen instructions and touch the fingerprint sensor to complete the binding.
- After successful binding, Name your security key (e.g. imKey Pass S6) for easier management later.
How to Use It During Login
- On the Discord login screen, click “Or sign in with passkey”
- In some cases, passkey verification may be triggered automatically after entering your account.
- When the passkey verification prompt appears, select Use Passkey.
- Insert imKey Pass S6 and touch the fingerprint sensor as instructed.
- Once verified, you will enter the Discord home page directly without needing to enter a password.
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.
FAQ
What if I don’t have my imKey Pass S6 with me?
You can still sign in using your password + traditional 2FA (such as email or verification codes).
Passkeys are an optional but more secure and convenient login method.
Can I bind multiple imKey Pass S6 devices?
Yes.
To avoid losing passwordless access due to device loss, it is recommended to bind two imKey Pass S6 devices (one primary, one backup).
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.
How to use imKey Pass S6 with GitHub
What is GitHub?
GitHub is a widely used platform for code hosting and collaboration. Developers can manage repositories, work together on projects, submit and review code, and track issues. Since a GitHub account often has access to important repositories and permissions, it’s strongly recommended to enable stronger sign-in protection.
Why Recommend imKey Pass S6?
Key benefits of using imKey Pass S6 as your GitHub Passkey:
- Stronger Phishing Resistance: No longer relies on SMS codes or verification methods that can be stolen by fake websites.
- Physical Presence Required: Logging in requires the physical key and local verification (PIN / fingerprint).
- Faster & More Stable: Simply insert the key and complete local verification to log in.
Preparation Before You Start
Please make sure you have:
- Computer Browser: Chrome, Edge, or other browsers that support Passkeys.
- Available Port: USB-C (if you have a USB-A port, a high-quality adapter is recommended).
- Device: You possess and can normally use the imKey Pass S6.
- Setup: It is recommended to set up your PIN and enroll fingerprints in advance (though you will also be prompted to complete this during the first binding).
1. Add imKey Pass S6 as a Passkey on GitHub
- Log in to GitHub, then click your avatar in the top-right corner.
- Select Settings.
- In the left menu, click Password and authentication.
- Find the Passkeys section.
- Click Add passkey.
- Pop-up prompt: Configure passwordless authentication.
- Click Add passkey.
- When the browser pop-up appears:Click the key icon in the top-right corner (Security Key).
- Insert your imKey Pass S6, then touch the fingerprint sensor to complete registration.
- If this is your first time using the key, you’ll be asked to set a PIN and enroll a fingerprint.
- After the key is successfully registered, give it a name (e.g., imKey Pass S6).
- Click Done to finish.
- Once you return to the Passkeys list, you should see imKey Pass S6, which means it has been added successfully.
2. How to sign in to GitHub with imKey Pass S6
After setup, you can use your Passkey to sign in:
- Open the GitHub login page and choose Continue with Passkey.
- Insert your imKey Pass S6 and touch the fingerprint sensor to sign in.
Note: The exact entry point may vary depending on your browser or account status, but the core flow is the same:
Choose Passkey → Insert the key → Complete local verification.
3. How to Manage / Change / Remove Passkey (imKey Pass S6)
You can manage your Passkeys anytime in GitHub:
Path: Settings → Password and authentication → Passkeys
In the Passkeys list, you can:
- ✏️ Edit the name (Nickname)
- 🗑️ Delete the Passkey (Remove device)
Tip: If you see “Seen from this browser”, it means the Passkey is recognized and available in the current browser environment.
FAQ
Q1: I clicked “Add passkey”, but the pop-up only lets me use my phone/system passkey. What should I do?
In the pop-up window, click the key icon in the top-right corner, switch to Use a security key, then insert your imKey Pass S6 to continue.
Q2: Can I add only one imKey Pass S6?
Yes, but it’s strongly recommended to keep a backup option (for example, retain another sign-in/recovery method, or add a second compatible security key) to avoid losing access if the key is lost.
Q3: What happens if I delete the Passkey?
After deletion, you won’t be able to sign in with that imKey Pass S6 Passkey anymore. However, you can still sign in using other methods (password, 2FA, etc.) as long as you keep at least one valid authentication method.
Important security tips
- Always keep a backup option: Don’t let a single key become your only way in.
- Store the key and PIN separately: Never write the PIN on the case or store it with the key.
- Watch out for phishing: Always make sure the domain is github.com before signing in, and avoid entering credentials from unknown links.
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.
imKey Pass Supported Apps List
Overview of imKey Pass Application Support
The imKey Pass is built on international FIDO / Passkey standards. TIt works seamlessly with a wide range of applications and services that support these standards to provide a safer and more convenient Sign-In Verification and identity verification experience.
Supported use cases include passwordless "Passkey" Sign-In Verifications, hardware security key authentication, and Two-Factor Authentication (2FA / MFA).
Important Notice
- Compatibility: Information regarding third-party verification or compatibility is provided solely to confirm technical support for FIDO / Passkey standards. It does not imply any commercial partnership, joint promotion, or official endorsement between imKey and any listed platform or manufacturer.
- Scope of Responsibility: As a hardware carrier for Passkey / FIDO standards, imKey Pass is responsible only for providing secure local key storage and authentication capabilities.
- Third-Party Services: The account systems, data security, service stability, and functional support scope of third-party applications are the sole responsibility of the respective service providers.
Configuration and Best Practices
Finding the Setup Menu Most platforms locate these settings within 「Account Settings」 or 「Security」options. You can typically find them under sub-sections labeled "Two-Factor Authentication (2FA / MFA)" or "Passkeys / Security Keys."
Keywords to Look For When searching through settings, look for these common terms:
- Passkeys
- Security Key
- FIDO2
- WebAuthn
- 2FA / MFA
Configuration Recommendations
- Primary & Backup Strategy: To ensure foolproof access, we highly recommend binding two security keys to your critical accounts (one as your primary key and one as a backup, stored in a separate location).
- Save Recovery Codes: If a platform provides "Recovery Codes," be sure to save them offline. This ensures you can still log in if your hardware device is lost or becomes unavailable.
imKey Pass Supported Applications (Continuously Updated)
The following applications have been verified to support standard capabilities such as Passkeys or FIDO2 hardware security keys.
Note: The actual method of support is subject to the specific application's current version and official security settings.
| App Name | App Type | Security Settings Link | Main Function |
| imToken | Web3 Wallet | https://web.token.im | Account Registration / Sign-In Verification |
| Infinex | Web3 Wallet | https://app.infinex.xyz/sign-up/passkeys | Account Registration / Sign-In Verification |
| Coinbase | Exchange | https://accounts.coinbase.com/security/settings | Sign-In Verification |
| Binance | Exchange | https://accounts.binance.com/zh-CN/security/manage-yubikey-authenticator | Account Registration / Sign-In Verification |
| Kraken | Exchange | https://pro.kraken.com/app/settings/security | Sign-In Verification |
| Google Account | Digital Identity | https://myaccount.google.com/security | Sign-In Verification |
| Gmail | Email Service | https://mail.google.com | Sign-In Verification |
| Microsoft Account | Personal Account | https://account.microsoft.com | Sign-In Verification |
| Apple ID | Digital Identity | https://account.apple.com/sign-in | Two-Factor Auth (2FA) |
| Social Platform | https://www.instagram.com/accounts/two_factor_authentication/ | Sign-In Verification | |
| X (Twitter) | Social Platform | https://twitter.com/settings/security/Sign-In Verification_verification | Two-Factor Auth (2FA) |
| Slack | Collaboration | https://your-workspace.slack.com/account/settings | Two-Factor Auth (2FA) |
| Zoom | Video Meetings | https://zoom.us/profile | Sign-In Verification |
| Notion | Knowledge Mgmt | https://www.notion.com/help/passkeys | Sign-In Verification |
| GitHub | Developer Platform | https://github.com/Sign-In Verification | Sign-In Verification |
| GitLab | Developer Platform | https://gitlab.com/users/passkeys/sign_in | Sign-In Verification |
| 1Password | Password Manager | https://my.1password.com/profile/2fa | Two-Factor Auth (2FA) |
| Azure AD | Enterprise Service | https://portal.azure.com | Sign-In Verification |
| AWS | Cloud Services | https://docs.aws.amazon.com/IAM/latest/UserGuide/enable-fido-mfa-for-root.html | Two-Factor Auth (2FA) |
| Cloudflare | Network Security | https://dash.cloudflare.com/profile/authentication/management | Two-Factor Auth (2FA) |
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.
imKey Pass S6 Compatibility Quick Reference Guide
This guide is designed to help you quickly understand the compatibility of imKey Pass S6 across various operating systems and browsers.
The imKey Pass S6 is a hardware security device connected via a USB-C interface. Built on FIDO / WebAuthn standards, it offers a more secure login experience than traditional passwords. It handles both Passkeys and traditional Two-Factor Authentication (2FA) with ease.
Core Concepts at a Glance
To simplify your experience, here is a brief overview:
- Passkey: The current mainstream and simplest login method, often allowing for direct login without a password.
- WebAuthn / FIDO Credentials: These are broader technical terms that include both Passkeys and security credentials used for 2FA.
For users, you only need to remember one thing: The imKey Pass S6 securely stores and manages these credentials, whether you are performing a passwordless login or adding an extra layer of security to your account.
Operating System and Browser Support
The imKey Pass S6 utilizes a wired USB-C connection. For the best experience, we recommend using the combinations listed below:
Friendly Reminder:
Since the imKey Pass S6 does not support NFC, please ensure your mobile device has a USB-C port or use a compatible adapter (such as a Lightning to USB camera adapter) for connection.
Common Usage Scenarios
The imKey Pass S6 is primarily used in three scenarios, all of which offer a highly intuitive experience.
1. Complete Password Elimination (Passkey Login) This is the most convenient method. You do not need to enter a username or a password.
- Action: Insert the imKey Pass S6 and verify (enter PIN or scan fingerprint). The system automatically identifies you and completes the login.
- Applicable to: Websites and apps that support Passkeys.
2. Passwordless Verification You select or enter your account name first, but you do not need to enter a password. Instead, verification is completed via the imKey Pass S6.
- Action: Enter Username → Website requests verification → Insert device and verify fingerprint or PIN.
3. Dual Security Protection (2FA / Second Factor Authentication) This is the traditional security enhancement mode.
- Action: Enter Username and Password → Website requests secondary verification → Insert imKey Pass S6 to confirm.
- Value: Even if hackers steal your password, they cannot log into your account without your hardware device.
Platform-Specific Feature Support
If you want to know the support status for specific hardware management functions (such as enrolling fingerprints or setting a PIN) on each platform, please refer to the table below:
Additional Notes:
- Whether PIN setup or fingerprint management is supported depends on whether the operating system and browser expose the hardware management interface.
- Even if a specific platform does not support settings (like adding a fingerprint), it does not affect normal usage (login/verification) if the device has already been initialized elsewhere.
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.
How to use imKey Pass S6 with your Apple ID
What is an Apple ID?
An Apple ID (Apple Account) is your unified account for accessing Apple services such as iPhone/iPad/Mac, iCloud, App Store, Apple Music, and Find My. It’s typically protected by a password + two-factor authentication (2FA).
Why Choose imKey Pass S6?
After enabling Apple’s security keys, you’ll get stronger account protection:
- Security keys replace the traditional 6-digit verification code as your second factor. This makes it much harder for attackers to steal your verification code through SMS phishing or social engineering.
- Physical Verification: For critical actions—such as logging in on a new device or web browser, resetting a password, or unlocking your account—you must insert and verify your physical key (using PIN/fingerprint verification locally, depending on the key).
Before you start
Please make sure you have the following ready:
- At least two FIDO-certified security keys
Apple requires you to add two security keys. - All devices that use your Apple ID must meet the system requirements:
- iOS 16.3 / iPadOS 16.3 / macOS Ventura 13.2 or later
- Connection and adapters:
- iPhone 15 and later (USB-C) can connect directly to a USB-C security key
- If you have a Lightning iPhone, prepare a compatible adapter (a high-quality adapter is recommended)
1. Adding imKey Pass (Security Keys) S6 to your Apple ID on iPhone
- Open Settings.
- Tap your name at the top, then go to Password & Security.
- Tap Security Keys.
- In the pop-up window, tap Add Security Keys.
- You’ll see a message saying two security keys are required. Tap Continue.
- Enter your iPhone passcode.
- Insert your imKey Pass S6, then touch the fingerprint sensor to complete registration.
- If this is your first time using the key, you’ll be prompted to set a PIN and enroll a fingerprint.
- Name your first key (for example, imKey Pass S6) and then continue to add the second key.
- Name the second key (for example, Backup Key).
- When you see Security Keys Added, tap Done.
Tip: Store your two keys in different locations (for example, one with you and one at home or in the office) to reduce the risk of losing access.
2. How to Use It & When Is It Triggered?
After security keys are enabled, you’ll be prompted to use imKey Pass S6 in scenarios such as:
- Logging into your Apple ID on a new device
- Logging into Apple ID / iCloud on the web browser
- Resetting your Apple ID password or unlocking your account
- Adding or removing security keys
Action Required: When prompted, insert the security key and touch the fingerprint sensor to complete verification.
3. Managing, Replacing, or Removing Security Keys
Managing on iPhone/iPad
Go to:
Settings → Your Name → Sign-In & Security → Two-Factor Authentication → Security Keys
You can:
- Remove a single key, or
- Choose Remove All Keys
(Removing all keys will revert your account back to the 6-digit verification code method.)
Manage on Mac
Go to:
System Settings → Your Name → Sign-In & Security → Two-Factor Authentication → Security Keys
You can remove all keys.
(Removing all keys will also revert your account back to the 6-digit verification code method.)
FAQ
Q1: Why does Apple require at least two security keys?
Security keys can be lost or damaged. Apple requires a backup key to prevent a single point of failure that could lock you out of your account.
Q2: Can I still use SMS codes or verification prompts after enabling security keys?
No. Security keys replace the traditional 6-digit verification code as your second factor. You will only revert to the 6-digit code method if you choose to "Remove All Security Keys."
Q3: Which devices may be affected?
Older Devices: Devices that cannot be upgraded to the supported OS versions (iOS 16.3/macOS 13.2+) will no longer be able to sign in to this Apple ID.
Account Types: Child accounts and Managed Apple IDs are not supported.
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.
Best practices for Web3
See all articlesHow to Use imKey Pass S6 with OKX ?
Before you start
Make sure that:
- You have logged in to the OKX app.
- Your imKey Pass S6 has been set up with a PIN and fingerprint.
- Your computer or phone has a working USB-C port. If you need to use a USB-A port, please use a high-quality adapter to ensure a stable connection.
1. Bind imKey Pass S6 to Your OKX Account
- Open the OKX app and go to the Home page.
- Tap the「⁝⁝⁝」 icon in the upper-left corner to enter the account/profile page.
- Go to Account settings.
- Select Security > Passkeys.
- On the Passkeys page, tap Add passkey at the bottom.
- Follow the on-screen instructions to verify your identity using an existing method (such as SMS, email, or biometric verification).
- When the system prompts “Save a passkey?”, select More Options > Use security key.
- Insert your imKey Pass S6 and touch the fingerprint area to confirm.
- When you see USB Passkey #1 in the passkey list, the binding is successful.
2. Rename Your Security Key
To easily identify your device later, we recommend renaming the default system name to the device name:
- In the OKX passkey list, tap the newly bound USB Passkey #1 to open its details page.
- Tap Rename at the bottom of the details page.
- Change the name to imKey Pass S6, then tap Save.
- Return to the list. The passkey should now be renamed to imKey Pass S6.
3. Log In with imKey Pass S6
- Open the OKX app and tap Log in.
- On the login page, select Passkey.
- On the verification page, tap Use security key.
- Insert your imKey Pass S6 and follow the instructions to touch the fingerprint area. Once confirmed, the login verification will be completed.
Security Tips
- Always maintain at least one other available login or recovery method.
- If possible, prepare a second security key as a backup device.
- Before removing a passkey or resetting your device, make sure you still have another available login method.
- If your device is lost or damaged, you can use other recovery methods provided by OKX to verify your identity and bind a new security key.
How to Use imKey Pass S6 with Coinbase
Coinbase supports FIDO security keys as a two-factor authentication (2FA) method.
After binding imKey Pass S6, you will be required to insert the hardware key and complete local verification (fingerprint or PIN) when logging in or performing critical security actions. This significantly enhances protection against phishing and account takeovers.
Before You Start
Before proceeding, please make sure that:
- You have a registered Coinbase account that you can log into normally.
- You have a device that can connect a USB-C security key
- (If your device only supports USB-A, use a high-quality adapter)
- Your imKey Pass S6 is functioning properly
- Recommendation: PIN setup and fingerprint enrollment have already been completed on a computer.
Adding imKey Pass S6 in the Coinbase App (Security Key 2FA)
The following steps use the Coinbase mobile app as an example:
- Open the Coinbase app and go to the home screen.
- Tap the avatar in the top-left corner to enter your account.
- On the Account & Settings page, tap Security.
- On the Security page, select Two-step verification, then choose Security key.
- On the Security Key setup page, tap Continue.
- When prompted with “Use Passkey”, insert your imKey Pass S6 and follow the on-screen instructions to touch the fingerprint sensor and complete the binding process.
- Once successfully added, imKey Pass S6 will become one of your available 2FA verification methods.
How to Use imKey Pass S6 When Logging In
After adding the security key, Coinbase will require additional verification when you log in or perform high-risk actions:
- Enter your account password (or complete the first step of account verification).
- When prompted to use a security key, insert your imKey Pass S6.
- Touch the fingerprint sensor as instructed to complete verification and log in.
After successful verification, you can continue with your operation.
How to Manage / Replace / Remove Security Keys
You can manage your security keys at any time on the 2FA settings page, including:
- Enabling or disabling specific 2FA methods
- Adding backup authentication options
Strong recommendation:
Always add a backup method before removing an existing security key.
Coinbase also recommends configuring multiple 2FA methods to avoid being locked out if a single method is lost.
Important Security Tips
- Primary & backup separation: Keep your primary key with you and store your backup key in a different physical location.
- Do not store the PIN together with the physical key: to avoid both being compromised if lost.
- Keep at least one backup login or verification method: Avoid account lockout caused by a single point of failure.
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.
How to Use Account Recovery
imToken provides a security mechanism that works alongside cloud-synced passkeys. By linking your imToken Web passkey account with a wallet in the imToken App, you add an extra layer of protection.
In simple terms, if you accidentally lose your imKey Pass S6, you can restore access to your account by using the linked wallet to perform an on-chain signature, thereby recovering account access.
Account Recovery Set Up
Prerequisites:
- imToken App: Install the app on your phone and create or import a wallet.
- Small amount of gas tokens: Make sure your passkey account has ETH, USDT, or USDC to cover gas fees when setting up recovery.
Step 1: Start linking
- Open imToken Web and create or sign in to your account.
- Click the menu in the top-right → View account.
- Tap Set account recovery → Set up.
Step 2: Choose the wallet to link
- Follow the prompts: Sign in with imToken wallet → tap the imToken icon → Open in imToken.
- In the App’s WalletConnect page, tap the address bar, select the Arbitrum wallet you want to link, and Approve the connection to imToken Web.
- Return to imToken Web to check progress, then go back to the App and Sign in the DApp.
Step 3: Create your recovery key
- Back in imToken Web, click Sign and set recovery key (from Step 2) and stay on the page for a few seconds.
- When a “Signature Preview” request appears, review the information carefully and tap Confirm.
- Then insert your imKey Pass S6 and lightly touch the fingerprint sensor to complete identity verification and signing.
- Once the transaction is successful, your recovery key will be set. The page will display an “In Use” status and show the linked wallet address.
Note: Write down both your passkey account name and the linked wallet address, and make sure the linked wallet’s recovery phrase or private key is securely backed up.
Recover Your Account
This feature is designed for emergency situations, such as losing your device.
Step 1: Verify the linked wallet
- On the imToken Web sign-in page, tap Lost passkey? → Sign in with imToken Wallet → imToken icon → Open in imToken.
- In the App, select the wallet you previously linked and and Approve the connection to imToken Web.
- Return to imToken Web to check progress, then go back to the App and Sign in the DApp.
- Back in imToken Web, click Locate the account and reset (Step 2), then tap the linked account that appears.
Step 2: Reset and generate a new passkey
- After verification, click Reset to create a new passkey.
- Follow the on-screen instructions and click Generate New Passkey, then choose where to store the passkey.
- Insert your imKey Pass S6. When prompted to add a passkey, select More options → Use a security key, then touch the fingerprint sensor to confirm identity verification.
- Click Sign and Set New Passkey in Step 2, tap Open to switch to the App, and complete the signature to submit the transaction on-chain.
Once the transaction is successful, wait for the new passkey to take effect.
Note: The new passkey will be named automatically as “PreviousAccountName_string” .
Step 3: Finish recovery with the new passkey
- For security, the new passkey has a 72-hour lock period. Once taken effect, sign in with the new passkey.
- In View Account, tap Accept to sign the transaction.
- Sign out, then sign in again using the new passkey to access your account.
FAQs
Q1: Does setting up Account Recovery affect my asset security?
No. The recovery key is only used to sign during the recovery process. It cannot move tokens, and you remain in full control of your account and assets.
Q2: What if I change phones or uninstall the App—will recovery still work?
Yes. Recovery depends on whether you still control the linked wallet. Even on a new device, you can restore that wallet in the imToken App using its recovery phrase or private key, then sign as required to recover your account.
Q3: I forgot which address I linked—how can I check?
Sign in imToken Web → View Account → your account name → see the linked address in Account Recovery page. If needed, you can also change the linked wallet there.
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.
How to use imKey Pass S6 with Kraken
Kraken supports FIDO security keys as a method for two-factor authentication (2FA). After you add imKey Pass S6, you’ll be required to insert the hardware key and complete local verification (fingerprint / PIN) when signing in or performing sensitive security actions—greatly improving phishing resistance and account protection.
Before you start
Please make sure you have:
- The Kraken App installed and you’re already logged in
- A way to connect a USB-C security key (if your device only has USB-A, use a high-quality adapter)
- An imKey Pass S6 that works normally
- Recommended: You have already completed the PIN setup and fingerprint enrollment on a PC.
1. Add imKey Pass S6 in the Kraken App (Security Key 2FA)
- Open the Kraken App home page.
- Tap the avatar in the top-left corner to open Account.
- Select Security .
- On the “Security” page, find Two-factor authentication (2FA) and tap Passkeys.
- Tap Add passkey.
- When a pop-up appears (e.g., “Add a passkey?”), tap More options.
- Select Other devices, then tap Use Security key.
- Insert imKey Pass S6 and follow the prompts to touch the fingerprint sensor to complete registration.
- After the binding is completed, you will see the newly added security key in the key list.
- For easier management in the future, it is recommended to add a name to the key:
- In the key list, click the three-dot position on the right side of the corresponding key;
- Enter the editing page, fill in the name in the description (for example: imKey Pass S6 / Backup Key);
- Click "Save".
2. How to use imKey Pass S6 when signing in
Follow these steps to verify with imKey Pass S6 during login:
- On the Kraken App home page, tap Sign in.
- Complete device unlock verification if prompted (device passcode or Face ID).
- Select the account you want to log in to (if prompted).
- Enter your Email or username and password.
- On the Two-factor Authentication (2FA) page, tap the purple button at the bottom: Use Passkey.
- When the selection window appears, tap Use Security key, then tap Continue.
- Insert imKey Pass S6 and follow the prompts to touch the fingerprint sensor to verify and sign in.
3. Manage / replace / remove your security keys
Path: Kraken App → Account → Security guaranteed → Two-factor authentication (2FA) → PassKeys
You can:
- Add passkey (recommended to keep a backup)
- Tap ··· next to a key to manage it (Edit description / Remove)
⚠️ Important: Before removing any key, make sure you still have another working verification method (a backup key or another 2FA method), so you don’t get locked out of your account.
Important security tips
- Separate Storage: Keep one key with you and another in a secure location (home, office, or safe).
- Back up before you remove: ensure at least one other sign-in/verification method still works.
- Watch out for phishing: only sign in through the official Kraken app/website—avoid unknown links.
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.
How to Use imKey Pass S6 with Infinex
What is Infinex?
Infinex is a Web3 wallet/account platform built around Passkeys. It focuses on a seed phrase-free and password-free login and verification experience. When you create an account, you can enable a Passkey directly, and use it verification during subsequent logins or sensitive operations..
Why use it with imKey Pass S6?
When creating/using a Passkey in Infinex, you can usually choose to store the Passkey in either:
- Mobile / System passkeys (e.g., iCloud Keychain, Google Password Manager), or
- a hardware security key (USB Security Key)
Storing your Passkey on imKey Pass S6 adds stronger protection: verification typically requires physically plugging in the device + confirming with PIN/fingerprint, making it more suitable as a high-security entry point for core accounts.
Before You Start
Make sure you have:
- A Passkey-supported browser such as Chrome / Edge
- An available USB-C port
- If you only have USB-A, use a high-quality adapter
- An imKey Pass S6 ready to use
- Note: If you haven't set a PIN/fingerprint yet, the initial binding process will usually guide you through the setup.
1) First-time Setup: Creating an Infinex Account and Binding imKey Pass S6
- Open the Infinex sign-up/get-started page on your computer browser, then click “Log in” to enter the account creation flow.
- Follow the on-screen prompts to set up your account info (such as a username).
- When the page asks you to choose a Passkey storage method, select “Hardware security key”.
- Insert imKey Pass S6 into your computer’s USB port.
- Touch the fingerprint sensor on the security key to complete binding.
- Note: For first-time use, you will need to set a PIN and add a fingerprint first.
- Once binding is complete, the page will proceed to the next step and enter the Infinex interface.
2) Subsequent Logins with imKey Pass S6
- Go to the Infinex login page and choose “Log in”.
- Insert imKey Pass S6.
- Select “Use Security key” to sign in.
- Follow the prompt to confirm with touching the sensor and verifying your fingerprint.
- Login is complete once verification passes.
3) Daily Use: When Will Verification Be Triggered?
Generally speaking:
- Browsing assets/viewing info: Frequent verification is usually not required.
- Sensitive aoperations (e.g., confirming permissions, oving funds, or changing critical key settings): A Passkey verification window will pop up again.
When that happens, simply insert the imKey Pass S6 and complete the fingerprint confirmation as prompted.
4) Security Tips
- Only access Infinex via official channels: avoid clicking on search engine ads, unknown links, and phishing/clone websites.
- Be cautious when resetting the device: resetting imKey Pass S6 will wipe all Passkeys stored on it, which may result in losing access to your account. Make sure you have a backup verification method before performing a reset.
- Protect your PIN and Device: Do not share your PIN or lend your device to others. Anyone possessing both the device and the PIN could potentially complete operations in verification scenarios.
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.
How to Use imKey Pass S6 on Binance
How to Use imKey Pass S6 on Binance
Before You Start
- You are already logged in to the Binance app.
- Your imKey Pass S6 has a PIN set and fingerprints enrolled.
- Your computer/phone has an available USB-C port. (If it is a USB-A type, please use a high-quality adapter to avoid unstable connections.)
1. Bind imKey Pass S6 in Binance Account Security (Add a Passkey)
- Open the Binance app and go to Home.
- Tap the menu icon (☰) in the top-left to enter your Account Infopage.
- On the account info page, tap Security.
- Under Two-Factor Authentication (2FA), tap Passkeys (Biometrics) and select Add Passkey.
- When the pop-up appears, tap More Options.
Note: If you choose to use a security key for verification at this step, the system will display “No credentials found.” This is because permission verification (i.e., login authentication) must be completed before adding a passkey. Therefore, please complete verification using your existing login method first, and then add the imKey Pass S6.
- Select Use Security key.
- Insert the imKey Pass S6 and touch the fingerprint area to confirm.
- If you see a Security Key entry in the Passkeys list, the binding is successful.
2. How to Use imKey Pass S6 for Login Verification
- Open the Binance app and tap Sign up / Log in.
- Enter your email/phone number and tap Continue.
- In the verification method pop-up, select Use Security key.
- Insert the imKey Pass S6 and follow the prompts to touch the fingerprint area to complete verification and log in.
3. Create a Keyless Wallet in Binance Wallet
- Open the Binance app and go to Wallet.
- Tap My Wallet to open your wallet list.
- Tap Add wallet and select Create Keyless wallet.
- Insert the imKey Pass S6 and follow the pop-up prompt to Use Security key and complete fingerprint touch verification.
- After creation, you’ll see the new Keyless Wallet in the wallet list.
Important Notes
- Exchange passkey: used to protect your Binance account login and verification.
- Keyless wallet: a wallet account model (more accurately, no recovery phrase / no plaintext private key).
- You can use the same imKey Pass S6 for both, but they belong to different modules in the Binance app. Please complete setup and verification in each module separately.
- Recommendation: After creating a keyless wallet, complete wallet backup immediately and securely store your recovery password/backup materials. Before removing a passkey or resetting the device, make sure you still have alternative login/recovery methods to avoid losing access to your account.
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.
Frequently asked questions
See all articlesHow to Set Up imKey Pass S6 on Windows
Overview
This tutorial is intended for first-time use of imKey Pass S6 on a Windows system, specifically for adding it as a Passkey / Security Key on supported websites.
If you’ve already added imKey Pass S6 to a website (such as Google or GitHub), you can simply plug in the device and complete verification (fingerprint or PIN) when logging in—no need to repeat the setup process.
Unlike macOS, Windows handles Passkey / FIDO (WebAuthn) requests through Windows Hello. This means:
- A native Windows verification prompt will appear when creating or using a security key
- The verification flow is managed by the operating system, not entirely by the browser
- The overall experience differs slightly from macOS
Therefore, when using the imKey Pass S6 on Windows for the first time, you must complete the configuration according to the system logic.
Before You Start
Make sure you have:
- The latest version of Chrome installed
- Your imKey Pass S6 ready
- A device with a USB-C port (or USB-A with an adapter)
1. Adding imKey Pass S6 on a Website (Example: Google)
Step 1: Open the Security Key Setup Page
- Log in to your Google account
- Go to Security → Passkeys and security keys
- Click Create a passkey
Note: You must complete a permission check (login verification) before adding a passkey. Please verify your identity via an existing login method before adding the imKey Pass S6.
Step 2: Enable Windows Hello
When prompted with “Set up Windows Hello on this device”:
- Click Set up Windows Hello
- You will be redirected to the system Sign-in options page
- Complete the Windows Hello setup
Step 3: Choose to Use a Security Key
If you see the message “This device can’t create a passkey”:
- Click Use another device
- On the next screen, select Back
When prompted to choose where to store the passkey for google.com:
- Select Use an external security key
If this is your first time using imKey Pass S6, the system will prompt you to set a PIN.
Step 4: Insert imKey Pass and Complete Verification
- Insert imKey Pass S6 into the USB-C port
- Follow the on-screen instructions:
- Enter your PIN (if already set), or
- Touch the fingerprint sensor to verify
Wait for the system to complete the binding process.
Once done, your imKey Pass S6 can be used as a passkey for this account.
2. Verification Flow on Windows
When using imKey Pass S6 on Windows, you may notice:
- A Windows Hello verification window appears
- Options to choose authentication methods (e.g., security key)
- Prompts to complete PIN or fingerprint verification
👉 This is expected behavior and part of Windows’ standard WebAuthn implementation.
3. Managing Your Security Key (Special Note for Windows)
On Windows system:
👉 Chrome does not provide a full security key management interface.
The following functions are handled at the system level:
- PIN setup / change
- Fingerprint management
- Device reset
Where to Manage
Go to:
Settings → Accounts → Sign-in options
From there, you can manage your security key.
👉 Unlike macOS (which manages keys via the browser), this is a key difference in Windows environment.
Troubleshooting & Tips
Don't see the fingerprint option?
Windows may prioritize PIN verification. This is normal.
Prompted that the "Device is not supported"?
This is usually due to website restrictions or browser compatibility. Try updating or switching browsers.
No browser management interface?
This is by design on Windows. Management should be handled through the system settings.
Understanding the Root of Trust: Why Hardware Security Keys Are Worth Your Trust
The reason a Hardware Security Key significantly enhances account security isn't just because it adds an extra verification step; it’s because it locks the most critical authentication capabilities inside a verifiable, tamper-resistant hardware security boundary.
The starting point of that boundary is called Root of Trust (RoT).
Using the hardware security key as our focal point, this article explains what RoT is, its core mechanisms, why it outperforms traditional verification methods, and its limitations.
1. What is Root of Trust (RoT)?
Root of Trust (RoT) is the foundation of a security system. In security engineering, if a component’s behavior is verifiable and hard to tamper with, it can serve as the trusted starting point for the entire system.
For a hardware security key, RoT typically means a set of security capabilities confined within the hardware boundary, including:
- Keys never leave the device: Private keys are generated and stored inside the device. Your computer or phone can only request “please sign this,” but cannot read the private key itself.
- Device proof capabilities: Under certain platforms and policies, the device can provide proof signals to a service to indicate it is a standards-compliant hardware authenticator (rather than software emulation).
- Firmware integrity: Integrity checks and related mechanisms reduce the risk of firmware being replaced or modified with backdoors.
- Execution inside hardware: Cryptographic operations such as signing happen inside the device / security chip. Only the signature result is returned—private keys and internal logic remain protected.
In short: RoT moves your “trust anchor” from a fragile software environment and login page to a verifiable hardware security boundary in your hand.
2. The core Components of RoT: Four pillars of a security foundation
Implementations vary by vendor, but mainstream hardware security keys (such as YubiKey, imKey Pass, Google Titan, etc.) typically include the following mechanisms—or equivalent capabilities.
2.1 Secure Element (SE) / Equivalent Isolation
Many security keys use a Secure Element (or a chip with equivalent isolation properties) to generate and protect key material, and to keep critical operations inside the hardware boundary.
Even if your computer is infected with malware, it can usually only send requests—it’s very difficult to copy or export the private key used for authentication.
2.2 Factory Attestation
Many hardware security keys include vendor-signed attestation data, which can be used during registration to prove to a service that the authenticator is a compliant hardware device.
Note: whether a platform verifies attestation—and how it uses it—depends on its security policy and privacy settings. Some platforms may not enable or require attestation checks.
2.3 Trusted Boot and Integrity
RoT typically requires the device to perform integrity checks before booting or running critical flows. If firmware has been tampered with or fails signature verification, the device may refuse to operate or enter a restricted mode.
This helps reduce supply-chain risks—cases where the device looks normal, but its internal code has been replaced.
2.4 Enforced Physical Interaction (User Presence / Verification)
Common confirmation methods include a physical touch (User Presence) and local verification such as PIN or fingerprint (User Verification).
The key value is simple: even if an attacker remotely controls your computer, it’s much harder to complete critical login or binding actions without you being present and confirming.
3. Why RoT is Stronger Than Traditional Authentication
While passwords combined with SMS or OTP (One-Time Passwords) improve security, they remain vulnerable to phishing, interception, and malware. Hardware security keys built on RoT can usually reduce the following risks more effectively:
| Attack type | Password + SMS / authenticator codes | Hardware security key (RoT-based) |
| Credential stuffing at scale | 🛡️ Some protection (depends on password strength and risk controls) | ✅ Significantly reduces risk (Hardware chip > password strength) |
| Real-time phishing sites | ⚠️ Can be bypassed / higher risk (codes can be relayed) | ✅ Effective protection (Hardware verifies the domain; refuses to sign if mismatched) |
| Local malware theft | ❌ Often ineffective (sessions or tokens may be stolen) | ✅ Effective protection (Keys are physically isolated and cannot be copied) |
| Remote-controlled sign-in | ❌ Often ineffective (attackers can operate directly) | ✅ Effective protection (Requires your physical touch) |
Note: Security also depends on a platform’s implementation and your account security settings—especially recovery paths. Hardware security keys raise the bar significantly, but they should not be seen as “absolute security.”
4. The limits of Root of Trust: What it Can’t Prevent
RoT protects the security boundary of the authentication process, but it can’t replace user judgment or cover every weak point in an account system. You can still face risks in scenarios such as:
- Active Deception: You are tricked into giving a recovery code or backup key to a scammer during an "account recovery" process.
- Weak Recovery Paths: If an account can be reset via weaker methods (SMS, email, etc.), attackers may bypass the hardware key through that weaker entry point.
- Device Loss and Poor Management: Losing a key without a strong PIN (or leaking the PIN) can increase impersonation risk (depending on platform and device policy).
- Mis-confirmation or Mis-binding: If you approve a touch or local verification without understanding the request, you may be authorizing a critical action.
A quick reminder: Hardware ensures someone is present, but it cannot judge if what you are confirming is correct.
5. User Guide: Making RoT Work for You
5.1 Sourcing and Setup: Make Sure the Hardware is Trustworthy
- Prefer official channels or authorized resellers; avoid second-hand devices or unknown sources.
- Initialize immediately on first use: set your PIN and enroll fingerprints (if supported) yourself.
5.2 Protect Critical Entry Points First
You don’t need to enable a hardware key everywhere, but it’s worth prioritizing:
- Primary email account: often the master entry point for account recovery and resets
- Password manager: the key line of defense for all your passwords and passkeys
- Asset-related platforms: exchanges, cloud service consoles, developer platforms (e.g., GitHub), and enterprise admin dashboards
5.3 Redundancy and Backups (The “1+1” Strategy)
- Primary + backup: keep at least two security keys; carry one and store the backup in a safe location.
- Reduce weak recovery paths when possible: where your platform allows, limit or disable SMS-only recovery paths to reduce bypass risk.
Conclusion
The value of Root of Trust is that it moves the ultimate trust point of account security away from complex, easily spoofed software environments and back into a verifiable hardware security boundary.
When you use a hardware security key on your critical accounts—paired with backups and stronger recovery strategies—you’re not just adding an extra step. You’re building a more reliable security foundation.
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.
Why doesn't the imKey Pass S6 prompt for PIN or Fingerprint setup when used on mobile without initialization?
imKey Pass S6 is a fingerprint-enabled security key based on the FIDO2 standard (a hardware passkey device). Many users feel confused when using it on a phone for the first time: Why doesn’t the system guide me to set a PIN or enroll a fingerprint?
The main reason is that different platforms provide different levels of security-key management capabilities.
Why can I set it up on a PC, but not on a phone?
PC Side: Typically provides full initialization and management
On Windows or macOS, when using Chrome, the system typically provides a more complete set of security-key setup and management functions.
So when the device is brand new (not initialized) or after a reset, plugging it into a computer often shows the options to set a PIN and enroll a fingerprint, allowing you to complete the initialization.
Mobile Side: Primarily treats the hardware key as a verification tool
On iOS / Android, when the key has not been initialized, the system usually treats a hardware key as something used only for sign-in verification. In most cases, mobile platforms do not expose device management entry points such as setting a PIN or enrolling/managing fingerprints.
In many website scenarios, the key is therefore more commonly used as a 2FA security key. Whether it can also work as a Passkey sign-in credential depends on the website’s support and the specific browser/OS implementation.
This explains why users cannot perform these basic settings directly when using the device for the first time on a mobile device.
Recommended Path: Initialize First, Use Later
To ensure a smoother experience, it helps to think of using imKey Pass S6 in two stages:
Stage 1: Initialization (recommended on a PC)
This stage is best done on a PC. You “lock” the device and bind it to your identity by:
- Setting a PIN
- Enrolling a fingerprint
This is a one-time setup and improves security.
Stage 2: Daily authentication (most common on mobile)
This is the typical mobile experience. You only need to:
- Plug in imKey Pass S6
- Follow prompts to verify with your fingerprint or PIN
Then you can quickly complete sign-in or confirm sensitive actions.
✅ The simplest path is: initialize once on a PC, then use it normally on mobile.
Understanding the difference between 2FA and Passkey
Many users add a security key to their Google account on mobile and notice they still need to enter a password when signing in. That’s because in this scenario, imKey Pass S6 usually works as the second factor for 2FA.
As 2FA: password first, then hardware verification
The value is clear: even if your password is leaked, an attacker still can’t sign in without the physical security key.
As a Passkey (passwordless sign-in): usually no password required
The “sign in without typing a password” experience many users see on a PC is closer to Passkey / passwordless sign-in.
Whether you can achieve that depends on:
- The website’s Passkey support
- Whether you registered the key as a Passkey sign-in credential or only as a 2FA factor
Quick Rule of Thumb:
- Enter password first, then use the key → usually 2FA
- No password (or only select an account), then use the key → usually Passkey
FAQ
Q1: Why didn’t I see any prompt to set a PIN or enroll a fingerprint on mobile?
Because on mobile (iOS / Android), when the key hasn’t been initialized, the system usually treats it as an authentication tool for sign-in verification only. The OS and browser typically don’t provide full device management options (such as enrolling fingerprints or changing a PIN).
PIN setup and fingerprint enrollment are part of initialization, which you can do on a computer using Chrome’s built-in security key management page:
chrome://settings/securityKeys
Q2: What happens if I don’t initialize the PIN/Fingerprint on a PC first?
You may not get the Passkey (passwordless sign-in) experience on mobile. That can create a “Why do I still need a password after adding the key?” gap and may lead you to mistakenly think the device is malfunctioning.
For best results, initialize the key once on a PC (set a PIN and enroll a fingerprint), then use it on mobile for daily verification.
Q3: Can I add/remove fingerprints or change the PIN on mobile?
Usually not.
These management actions generally need to be done on a Windows or macOS computer (especially via Chrome).
Q4: Why do I still need to enter a password after adding the security key to my Google account on mobile?
That’s normal. In this case, imKey Pass S6 usually functions as 2FA (second factor):
You enter your password first, then plug in the key to complete the second-step verification. Even if your password is leaked, an attacker can’t sign in without the physical key.
Q5: What is the “sign in without typing a password on PC” experience?
That’s closer to Passkey / passwordless sign-in.
Whether it works depends on the website and whether you registered the key as a Passkey credential or only as a 2FA factor.
Quick check:
- Password first, then key → usually 2FA
- No password (or only select an account), then key → usually Passkey
Summary
- Mobile platforms mainly handle authentication, not device management.
- It’s recommended to initialize the PIN and fingerprint on a PC before using the key across platforms.
- Passkey (passwordless sign-in) and 2FA (second factor) are two different security flows.
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.
Why Don’t We Provide a Dedicated Management App?
imKey Pass S6 is designed based on FIDO standards. Core management capabilities are already built into mainstream browsers such as Chrome, covering essential functions such as PIN setup, credential management, and fingerprint enrollment. To improve usability and ensure a consistent experience, we choose to follow the standard ecosystem instead of providing a vendor-specific management dashboard or application.
1. Chrome Browser has built-in, comprehensive security key management
Chrome natively provides security key management at: chrome://settings/securityKeys, allowing you to directly:
- Set and reset the PIN
- View and manage credentials (Passkeys / FIDO Credentials)
- Manage fingerprints / biometric settings
- Check and manage basic security key status
These features already cover the core day-to-day management needs for passkey devices, so there’s no need to install or learn an additional tool.
2. Enhanced User Experience: Reducing tool dependency and maintaining consistency
By not requiring users to download a separate vendor app or management tool, several benefits are achieved:
- Shorter Usage Path: Simply plug in the device and manage it directly in the browser
- Unified Operation Experience: Using universal management tools reduces confusion and misoperations caused by varying tools or processes.
- Lower Learning and Maintenance Costs: This is particularly beneficial for enterprise and large-scale user scenarios.
From an industry standards perspective, managing security keys through the browser is the recommended approach in the FIDO ecosystem.
3. Passkey / FIDO is inherently a standardized, universal specification
The FIDO capabilities on passkey devices are defined by open standards:
- Management interfaces follow FIDO / CTAP standards
- No reliance on proprietary protocols or closed vendor backends
- Any standards-compliant management tool can manage the device properly
That’s why, unlike hardware wallets, there’s no need for a vendor-exclusive “Manager.” Browsers and operating systems are the official management entry points in this ecosystem.
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.
Introduction to Two-Factor Authentication (2FA)
1. What is Two-Factor Authentication (2FA)?
Two-Factor Authentication (2FA) is a security mechanism that verifies a user’s identity by combining two different types of authentication factors.
Traditional logins rely on a single factor—passwords. 2FA adds an additional, independent verification layer (such as one-time codes, security keys or fingerprint), significantly improving account security. Even if a password is compromised, attackers are unlikely to obtain the second factor at the same time.
2. Three Categories of Authentication Factors Used in 2FA
The authentication factors used in 2FA typically come from any two of the following three categories:
1️⃣ Something You Know (Knowledge Factor)
- Password
- PIN code
2️⃣ Something You Have (Possession Factor)
- Mobile phone
- Hardware security key
- Authenticator device
3️⃣ Something You Are (Inherence Factor)
- Fingerprint
- Iris recognition
- Facial recognition
✅ Core principle of 2FA: Authentication must come from two different categories, not simply two passwords.
3. Typical Example of Two-Factor Authentication
A classic example of 2FA is:
Withdrawing cash from an ATM
- Bank card (something you have)
- PIN (something you know)
Only when both are correct can the transaction be completed.
4. Two-Factor Authentication Has Become an Industry Standard
Today, major internet service providers have adopted 2FA as a standard security configuration, including:
- Apple
- Microsoft
2FA is no longer an advanced option—it is a foundational requirement for modern account security.
5. Comparison of Common Two-Factor Authentication Methods
6. How to Choose the Right Two-Factor Authentication Method
There is no one-size-fits-all solution for two-factor authentication. Different use cases, risk levels, and user habits call for different 2FA methods:
- Low-risk, temporary use scenarios
SMS verification codes or push-based authentication offer low deployment cost, but limited security. - Everyday accounts, general security needs
Authenticator apps provide a balance between security and convenience, but still rely heavily on mobile devices. - High-value, high-risk account scenarios (Such as email, trading platforms, cloud services, developer platforms, etc.)
Hardware security keys based on public-key cryptography are more strongly recommended, either as a second factor or for passwordless authentication.
Hardware security keys are widely adopted in these environments because they:
- Do not rely on password strength, providing strong protection even if passwords are compromised
- Do not depend on mobile networks, battery life, or operating system state
- Natively support passwordless authentication standards such as Passkey/FIDO2
- Allow a single key to protect multiple services and accounts
✅ Therefore, within a complete 2FA ecosystem, hardware security keys are better viewed as an advanced option for high-security scenarios, rather than a universal replacement for all authentication methods.
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.
imKey Pass S6 Frequently Asked Questions (FAQ)
Q1: What is imKey Pass S6?
A: imKey Pass S6 is a fingerprint-enabled security key (hardware passkey) built on the FIDO2 standard. Core features include:
- Fingerprint + PIN (two-factor on-device verification), supporting passwordless sign-in and strong step-up verification
- Supports FIDO2 / FIDO U2F, and can be used to sign in to services that support Passkeys / Security Keys (e.g., Google, GitHub, Amazon, OKX)
- USB-C interface, compatible with mainstream systems such as Windows / macOS and modern browsers
- Built-in fingerprint sensor for local user verification with a simple touch
In simple terms, imKey Pass S6 is your “physical passkey”: use your fingerprint instead of passwords and use one key across multiple accounts. It can also serve as a high-security identity entry for Web3. In addition, imKey Pass S6 can be used to create Web3 accounts together with imToken Web (https://web.token.im/).
Q2: What is 2FA?
A: 2FA (Two-Factor Authentication) is a method of verifying your identity by combining two different types of authentication factors.
Common factors include:
- Something you know: password, PIN
- Something you have: security key, phone
- Something you are: fingerprint, face recognition
Using 2FA can significantly reduce the risk of account takeover.
For more details, see our [2FA (Two-Factor Authentication) Overview].
Q3: What is FIDO and what is a FIDO Security Key?
A: FIDO (Fast Identity Online) is a set of standards created by the FIDO Alliance, designed to provide an open, passwordless (or password-replacing) authentication solution.
A FIDO Security Key is a hardware-based authentication device that supports FIDO standards to protect online account sign-in security.
Q4: Why should I use a FIDO Security Key?
A: Traditional password-based authentication has issues in both security and usability:
- Reusing simple passwords across sites increases the risk of phishing, man-in-the-middle attacks, and credential stuffing
- Complex passwords are difficult to remember and often lead to frequent resets
- A security key’s private key stays on the device and is not uploaded to websites or servers
FIDO security keys use public-key cryptography to provide a stronger authentication mechanism. A new key pair is created for each service registration, improving overall security.
Q5: How do I use a FIDO Security Key to protect my account?
A: The typical flow is:
- Sign in to your account as usual
- Go to Account Settings / Security Settings
- Enable Multi-Factor Authentication (MFA)
- Choose Security Key and follow the setup steps
Note: Different services may structure their security settings differently. Please refer to each service’s official help center or a compatible services catalog for details.
Q6: How do I re-enable biometric verification on my key?
A: After 3 failed fingerprint attempts, the device may temporarily disable fingerprint login and fall back to PIN + touch confirmation.
To restore fingerprint usage:
- In the verification pop-up, select Use PIN (or enter the PIN when prompted)
- Enter the correct PIN, then touch the device to confirm
- After a successful verification, the device will typically return to fingerprint-first behavior (depending on the on-screen prompt)
If fingerprint still doesn’t work
- Reinsert the device, or try another USB port/adapter (avoid unstable hubs)
- Make sure fingerprints are enrolled: open chrome://settings/securityKeys → Fingerprints
- Keep your finger and the sensor clean and dry
- Use the same finger that was originally enrolled
Q7: Why isn’t the fingerprint sensor working properly?
A: The fingerprint area on imKey Pass S6 is used for both fingerprint verification and touch confirmation. If fingerprint verification fails or the device doesn’t respond, try the following:
- Check the connection: reinsert the device, switch USB ports/adapters, and avoid unstable hubs
- Confirm fingerprints are enrolled: open chrome://settings/securityKeys → Fingerprints and enroll/manage fingerprints
- Check for temporary lockout: after multiple failures the device may fall back to PIN + touch confirmation—see Q6
- Improve fingerprint capture: use the same enrolled finger and keep the finger/sensor clean and dry
If the issue persists, try another computer or browser. If it still doesn’t work, contact imKey support.
Q8: How many accounts can one security key protect?
A: In FIDO2, the server can choose to:
- Store credentials on the security key, or
- Store credentials on the server side
If credentials are stored on the security key, it can typically store hundreds of credentials (depending on the device). Today, most web services store credentials on the server side.
Q9: What should I do if my imKey Pass S6 is lost?
A: No need to panic.
- A stranger cannot access your account without the username/password or your biometric/PIN (depending on the service setup)
- You can still sign in using a backup security key or other available verification methods
After signing in, you can:
- Disable/remove the lost security key
- Bind and configure a new security key
Q10: Is it important to have a backup security key?
A: Absolutely.
We strongly recommend keeping at least two imKey Pass S6 devices:
- One as your primary key
- One as a backup key
A backup key helps you quickly regain access when:
- The primary key is lost or damaged
- The primary key is temporarily unavailable
- You want to avoid complex, time-consuming account recovery processes
In short: With a backup key, you’re far less likely to get locked out of critical accounts.
Q11: Warranty & after-sales policy
A:
Returns/Exchanges
- Within 7 days of receiving the product, you may request a return/exchange if the product is unopened, unused, and the packaging is intact.
Warranty
- imKey provides a 1-year limited warranty.
- During the warranty period, if a non-human-caused quality issue occurs, we will provide a free replacement service.
Q12: Will my fingerprint data be uploaded to a server or leaked?
A: No. Absolutely not.
- Fingerprint templates are stored only inside the secure chip of imKey Pass S6
- They are not exportable
- They cannot be read via USB
- They are never uploaded to websites or the cloud services
Q13: What are the advantages of imKey Pass S6 compared with authenticator apps or SMS codes?
A: Compared with SMS verification or traditional one-time-code (OTP), using a security key typically provides:
- Phishing-resistant authentication
- Cannot be cloned
- No dependency on SMS/network signal
- On-device biometric authentication that is far harder to attack
Q14: How is imKey Pass S6 different from built-in system passkeys?
A: System passkeys (e.g., iCloud Keychain, Google Password Manager) are typically tied to a single device or cloud account.
imKey Pass S6 is an independent hardware passkey, offers:
- Credentials stored in hardware, not dependent on cloud sync
- Usable across multiple computers and operating systems
- Not affected by device loss or system replacement
- Ideal for securing critical accounts, exchanges, and Web3 identities
In short: System passkeys are convenient; imKey Pass S6 is more independent and controllable, and secure.
Q15: Will resetting imKey Pass S6 affect my online accounts?
A: Resetting only clears local data on the device (PIN, fingerprints, credentials). It does not change your website account status.
However:
- After resetting, this device can no longer log into previously registered accounts
- You must use another login method
- Then remove the old key and bind a new one in the account security settings
Before resetting, make sure you still have an alternative login method.
Q16: Does a Web3 account created with imKey Pass S6 have a private key?
A: Yes — cryptographic keys still exist at the protocol level.
However, the private key is not exposed to the user in plaintext. Instead, control is enforced securely through the passkey and the device. From a user experience perspective, it works like a “seedless wallet”.
Q17: If my imKey Pass S6 is lost, will my Web3 assets be lost?
A: Not directly — as long as you have recovery options configured.
In Web3, we recommended to:
- Set up a backup passkey / backup device
- Bind additional recovery methods (e.g., email, a second device, etc.)
Recovery capabilities depend on the design of the specific Web3 app or wallet you use.
Important Notice:imKey sells physical security hardware products only and does not provide any virtual asset trading, custody, or funds-related services. References to third-party wallets, exchanges, or decentralized applications are for compatibility purposes only; related functions and services are provided independently by third parties.