Back in May, we talked about how there would soon be a successor to the password called Passkey.
And we're hearing that Apple will start rolling out Passkeys in the next few months (as part of iOS 16). And we're excited about it.
As you would expect, it's caused some confusion: Apple is going to great lengths to market the Passkey concept, and understandably, people have assumed that it's a feature exclusive to Apple and its products.
That's not the case, so we all benefit.
Passkeys will be used as a joint effort to boost online security by Apple, Microsoft, Google, and many others. Apple is promoting this new feature to get the message out there.
Yes, Microsoft and Google are also enthusiastic about spreading the word so that people understand how Passkeys work and then adopt it, so we all benefit.
The more people who take advantage of Passkeys, the safer we and our businesses will be online.
Passkeys, otherwise known as FIDO authentication, work by letting you log into an app, a device, or a website with just your username and a pre-approved (authenticated) device, most likely your mobile phone.
When your device generates a cryptographic token, which matches the second part of a cryptographic key pair, you're allowed access to the app or website.
When logging in, you use your phone to prove it's you. Then, you'll unlock it using your face, fingerprint, or PIN.
Assuming your phone is within Bluetooth range of your computer, it will work.
All without needing a password… bliss…
A little refresher: Good password security requires at least 2 of these 3 items to be effective. 1) Something you know, 2) Something you have, 3) Something you are. Passkey will automatically meet 2 of the 3 objectives (items 1 and 2), so strong security is implied by default.
This is a far more secure way to access apps and keep your accounts safe from cybercriminals. In addition, you never see your cryptographic token (a good thing), so it takes away much of the risk of having your login credentials stolen (because that is only part of what they need to gain access to).
Cybercriminals will be unable to use their standard tactics (phishing emails, brute force attacks, or key loggers) to steal your credentials.
They'll also need your physical device, making remote hacking much less likely.
Good news, if you use Windows Hello, you'll see that Passkeys is already supported. Very soon, all three tech giants will roll out support across their entire product range.
Before then, call us if you want help or advice on keeping your apps and data safe.
#passkeys #FIDOAuthentication #CyberSecurity #apple #Google #Microsoft
