Passkeys: Future Without Passwords?

Understand passkeys in 4 minutes [Video]

Video uploaded by Chrome for Developers on June 23, 2023

Understanding Passkeys: A Step Towards a Password-Free Future

Tired of juggling countless passwords? Passkeys might be your solution.

Most of us are bogged down by numerous passwords. Even with password managers, creating unique and complex passwords for every account feels daunting. In fact, everyone needs her/his account to be protected by passwords which should be both unique and complex. But what if you could go passwordless?

So just enter: Passkeys.

What Are Passkeys?

See? No passwords in sight. Nothing that needs to be remembered, and nothing to accidentally hand over to a hacker.

Passkeys can also get around the issue of having to synchronize passwords between your devices.

But What Are They?

Passkeys are solid authentication method to protect information. Introduced to prominence by Apple in June 2022, passkeys are not exclusive to Apple. They are backed by tech giants like Google, Microsoft, and organizations like the World Wide Web Consortium and the FIDO Alliance. Essentially, passkeys are cryptographic tools. They consist of a public key registered with an online service and a private key stored on a device. The good news? They’re user-friendly. You’ll log in using facial recognition, a fingerprint, or a PIN, similar to unlocking your phone.

So no passwords, nothing to be copied, remembered and nothing to fear about secrecy.

The Perks

• No passwords to remember.
• Seamless synchronization between devices.
• Enhanced security – no transfer of passkey between devices.
• Biometric info stays on the device, ensuring privacy.
• No risk when you log into a website or into an app with your fingerprint.
• No biometric info sent to the website or app that you are accessing – remember that biometric information is only used to unlock the passkey on the device you are using and it never leaves the device.

What Do You Need to Use Passkeys?

Well, here are the system requirements for passkeys:

• A system running at least Windows 10, MacOS Ventura, or ChromeOS 109
• A smartphone or tablet running at least iOS 16, iPadOS 16, or Android 9
• Optional: a hardware security key with FIDO2 protocol support

Your computer or mobile device you will be using will also need a supported browser such as:

• Chrome 109 or more recent
• Safari 16 or more recent
• Edge 109 or more recent
• The major tech players — Apple, Google, and Microsoft — all have more information specific to how to use passkeys on their platforms.

Some well-known websites and apps that support the technology include Adobe, Google, PayPal, TikTok, Nintendo, and GitHub.

If you wonder if any password managers support passkeys, it seems that the answer is positive, we’ve tried a few and all of them support passkeys.

Conclusion

Passkeys are a new standard for web authentication that works without passwords. They are based on the principle of asymmetric encryption, which involves two keys: a public key (stored on the web server) and a private key (stored on the user’s device). When the user wants to sign in to a website or app, they use a biometric sensor (such as a fingerprint or facial recognition), a PIN, or a pattern to unlock their private key, which is then matched with the public key to verify their identity. Passkeys are more secure and convenient than passwords, as they do not require the user to remember or manage them, and they protect against phishing, brute force, and credential stuffing.

Passkeys are promoted by the World Wide Web Consortium and the FIDO Alliance, and supported by major tech companies such as Google, Microsoft, and Apple.

Links

• About the security of passkeys – Apple Support
• Sell pre-owned Apple device online – iGotOffer
• Everything About Apple’s Products – The complete guide to all Apple consumer electronic products, including technical specifications, identifiers and other valuable information.