secure your online account with passkeys

We’ve introduced passkeys as an extra layer of protection for your online account to help keep your super safe. Read on to learn more about passkeys, including the benefits and how to set them up.

what is a passkey?

A passkey is the most secure way to sign in to your online accounts.

Once you’ve set up your passkey, you won’t have to enter your username and password every time you want to access your accounts.

Instead, you can sign in using the security features on your phone, like facial recognition, fingerprint, or screen lock (i.e. PIN or swipe pattern). Learn more about how passkeys work in the FAQs below.

You might notice that passkeys have been enabled for services like online banking, retail, and even myGov.

what are the benefits of passkeys?

Secure

Passkeys can't be guessed or stolen by scammers.

Fast

With a passkey, you can access your account in one step.

Easy

You don't have to create and remember complex passwords. And you don't have to verify your identity with an SMS code.

Private

Passkeys stay on your personal device and can't be shared with external third parties.

setting up your passkey

Follow the steps below to set up a passkey using the HESTA App.

Be sure to set up your passkey on your trusted personal device (i.e. not a shared or public device).

Log in to your account on the HESTA App.
Open your account settings by clicking on the person icon at the top right of your screen.
Select ‘Security settings’ and follow the verification prompts.
Select ‘Set up a passkey’ and follow the prompts.

Once you’ve set up your passkey, you can use it to log in to your HESTA account both on the app and the desktop site.

frequently asked questions

How do passkeys work?

Think of passkeys like two puzzle pieces that fit together to let you unlock the account you want to log into.

One private puzzle piece is stored securely on your device, and the other is saved with the account or website you’re signing into.

The keys work together to confirm your identity and give you access to your account.

What's the difference between passkeys and biometric login?

Although biometrics and passkeys might feel the same, passkeys have more layers of security.

When you log in using your biometrics, only your biometrics for that specific device are verified.

When you log in using your passkey, the two puzzle pieces interact to verify that the correct biometrics are being used to access the matching account or website.

In this way, passkeys are a multifactor verification method, while biometrics aren’t.

Are passkeys mandatory?

No. You’re welcome to keep logging in using your password, PIN or biometrics. After you enter your member number and password, you’ll receive a verification code on the mobile number associated with your account.

Can I keep my password?

Yes. You can choose whether to log in to your HESTA account using a passkey or password in your security settings.

Can I still use my password after setting up a passkey?

Yes. You can have both your passkey and password enabled in your security settings.

Can I have more than one passkey?

You can have up to 3 passkeys on your HESTA account.

How do I remove my passkey?

You can remove your passkey in two steps. To remove your passkey from HESTA, visit your security settings. Then visit your device’s password manager to remove your private passkey.

What are synced and non-synced passkeys?

A synced passkey is saved to the password manager on your device. It’s available to all devices using that password manager.

For example, you might have a phone and a laptop signed into the same Apple or Google account. These devices will be able to use your synced passkeys. You’ll find that most password managers sync passkeys automatically.

A non-synced passkey is only saved on your device. It can only be used on that device and can’t be shared across multiple devices.

What if I lose my personal device?

If you sync your passkeys, you’ll be able to access them on any device that uses your password manager once you sign in and set it up on your new device.

What if my passkeys are synced?

It’s most likely that your passkeys are synced, so be sure to sign in to the same password manager from your old device to double check.

If you find your passkeys aren’t synced, don’t panic. Your account will remain secure even if someone has your device because they don’t have the matching key or puzzle piece.

Follow these steps to recover your HESTA account:

If your password is still switched on, use your new device to download the HESTA App and sign in with your password. Then select ‘Security settings’ to create a new passkey. You can also delete any old passkeys if you’d like.
If you switched your password off when you created your passkey, contact us and we can switch your password back on so you can follow the step above.

Can I set up a passkey for my HESTA account on desktop?

Currently, you can only set up passkeys on the HESTA App. Once set up, you can use passkeys to securely access both the HESTA App and your HESTA desktop account.

How do I get help setting up my passkey?

If you’re having trouble with setting up your passkey, we’re here to help. We’re available Monday to Friday, 8am to 8pm (AEST/AEDT), excluding public holidays. Contact us.

Check in on your super

Your online account lets you check your super balance, keep your details up to date, and much more, 24/7.