Is a passkey going to kill passwords?
No-one likes passwords.
Creating them. Remembering them. Typing them in.
Your whole mood can change when an application you’re using suddenly logs you out, and you have to go through login all over again.
It’s frustrating for everyone.
So here’s some very welcome news, courtesy of Microsoft, Apple and Google. The tech giants have joined forces to kill off the password for good.
Over the coming year, they plan to roll out no-password logins across all of their platforms, using a standard set by the FIDO (Fast Identification Online) Alliance. This sets the worldwide standards for passwordless authentication.
That’s a bit of a mouthful… so some people call this a passkey. A lot easier to remember.
A passkey works in a similar way to multi-factor authentication (where you use a separate device to prove it’s really you), but with less effort required.
It’s very simple. To login to something, you’ll use your phone to prove it’s really you.
Your computer will use Bluetooth to verify you’re sat nearby. Because Bluetooth only works a short distance, this should stop many phishing scams.
Then it’ll send a verification message to your phone.
You’ll unlock your phone in the usual way, with your face, fingerprint or PIN.
And that’s it. You’re logged in.
A passkey relies on something called public key cryptography. When you register with an application or website a key pair is made between the website and your phone.
These are really long numbers that are connected in some way. But you’ll never see them and you certainly don’t have to remember them. Your phone verifies the pair when you unlock it in the normal way.
And you don’t have to worry about losing your phone. It’s not enough to just have your device… someone has to be able to unlock it as well. You do have a lock on your phone don’t you?
Your passkeys will be backed up in the cloud, so if you get a new device you can simply transfer over your information. In the same way it’s now easy to set up a new phone to be just like your old device.
These passkeys are not only simpler for you, but should keep your data safer.
There is no password for cyber criminals to steal. And your phone needs to be close to your computer to login. It’s not fool proof, but it’s a lot better than the current situation with passwords and multi-factor authentication.
We’d love to hear your thoughts on this one. Are you excited to say goodbye to traditional passwords? Drop us an email to let us know.
Published with permission from Your Tech Updates.