Secure passkeys explained: how will they replace passwords?
Keep hackers at bay with our passkeys 'how to'
People have relied on passwords to safeguard their digital data for many years. Unfortunately, hackers have discovered ways to bypass them, either through brute force, employing deceitful schemes, or due to individuals opting for easily guessable passwords on their phone or elsewhere.
VPNs can offer an extra layer of security between you and the perils of the internet, but it’s always good to have a few additional back ups. Thankfully, an improved and dependable method of logging into apps and websites has emerged. Best of all, this one is more secure and convenient than passwords. Most web browsers and operating systems now support secure passkeys, which are a great way to protect your online accounts.
Although no security measure can guarantee absolute protection, using passkeys makes it increasingly difficult for unauthorised individuals to access your online information. Here’s how they work.
What are secure passkeys?
Passkeys are built with the help of cryptography, a branch of mathematics that specialises in protecting data. Through encryption, digital signatures, or authentication, this technology allows you to keep your information secure. Unlike passwords, passkeys are not stored on any server but only exist on your personal devices. As a result, passkeys are significantly more challenging to hack.
Passkeys involve a key pair. First, a public key is registered to the website or app, and a private key is held exclusively on your device. Both keys must pair during authentication for the process to succeed.
Using secure passkeys instead of passwords has several advantages that go beyond improved security. Passkeys are more convenient because they are stored on your devices and synced across all your other devices, eliminating the need to remember multiple passkeys. Another noticeable passkey feature is that they use end-to-end encryption.
How do I use secure passkeys?
To use passkeys, it is important to confirm that your device and browser are compatible. You can easily check this by navigating to your device’s Passwords or Security section. You can also check your browser’s settings. If you are uncertain, you can contact the device manufacturer for assistance.
Creating a secure passkey may vary slightly depending on your device, but the general steps are similar. Begin by logging into the app or website that supports passkeys, and then locate the Create Passkey button.
Your device will generate a unique key pair, with the public key sent to the app or website and the private key stored on the device for added security. You’ll be prompted to confirm the passkey before the storing process is completed.
Once you create and activate your passkey, you won’t need to log in again. Authentication will happen seamlessly in the background.
Who’s behind secure passkeys?
Apple introduced passkeys for iOS and macOS in June 2022. However, they aren’t exclusive to the company. Rather, passkeys are based on a standard endorsed by the World Wide Web Consortium and FIDO Alliance. In turn, it’s endorsed by Apple and other corporations.
FIDO, or Fast Identity Online, provides a range of open technical specifications that establish user authentication mechanisms that reduce reliance on passwords.
Passkeys compatibility
The various platforms and devices that support passkeys continue to grow. These include Apple (iOS 16, iPadOS 16, macOS Ventura, watchOS 9, tvOS 16), Google (Chrome 94+, Android 12+), Microsoft (Windows 11, Edge 94+), Samsung (Android 12+), and Mozilla (Firefox 100+).
Among the apps that support passkeys are 1Password, Airbnb, Amazon, Apple, Dashlane, Google, Microsoft, PayPal, Twitter, and Visa. If you are looking for a more secure, easier-to-use, and convenient way to authenticate online, then you should consider using passkeys.