Passkeys – The End of Passwords?
Safe devices
We have been using passwords for authentication since the beginning of the internet. They are often complicated to use. Furthermore, weak passwords pose a security risk. Now Apple, Microsoft and Google are introducing authentication via passkeys. Find out what you need to know here.
Login Methods – The Daily Means of Authentication on the Internet
When we use digital devices, we are confronted with different login methods on a daily basis. We use many different accounts and passwords. Some services recommend or require two-factor authentication, which is why many people have installed additional apps on their devices to manage one-time codes. In most cases, these methods have now also replaced the separate TAN device or the even older physical TAN list in e-banking. Nevertheless, the choice of login methods remains confusing and can be overwhelming for many. Added to this is the pressure caused by the fact that we keep reading about the security risk posed by insecure passwords in the headlines.
Now Apple, Microsoft, and Google have jointly taken the initiative to promote a next-generation cross-system login method. Passkeys are an easy-to-use login method, as the various keys are managed directly on our devices – eliminating the need for tedious password memorisation. The underlying technology is also much more secure than passwords, increasing the protection of our accounts.
How can Passkeys be used?
The basic requirements for using passkeys are a device that supports this technology, such as a smartphone, and an online account for which authentication via passkeys is offered. If a passkey is set as the authentication method, the system generates a key pair both in the online account and on the selected device. This key pair is used for verification during subsequent logins.
For future logins, the online service checks the passkey on the device. If the passkey is stored on the device currently in use, the login is confirmed immediately. If the passkey is on another device, for example a smartphone, a QR code is displayed that can be scanned with the corresponding device. On the device where the passkey is stored, the login must be confirmed with facial recognition, fingerprint or PIN.
Requirements for the use of passkeys
- Device for Managing Passkeys
Most current smartphones and computers are suitable for managing passkeys. Depending on how they are used, passkeys are either only stored on the device or in a cloud keychain. They can also be managed in a separate password manager. You can find more information here:
For Apple devices, for Android devices or Windows devices
-
Online Services
Currently, there are only a few online services that already offer this login method (e.g. Google and PayPal). Furthermore, passkeys are usually only offered as an additional login option and are not yet proposed as a complete replacement for passwords.
However, one can assume that passkeys will replace the use of passwords in many places in the future.
- Operating System, Browser
In order to be able to use passkeys when logging in, an up-to-date version of a common browser is required.
Further information:
- Passkeys are based on the existing FIDO2 standard that has been in use for several years: https://fidoalliance.org/passkeys/
- Try out Passkeys in a demo: www.passkeys.io
- Public Passkeys Register - Passkeys Directory
