Passkeys Moving Us Closer to Passwordless Computing
Companies worldwide spend billions on network security each year, developing sophisticated layers of protection to ensure that only verified users are granted access to company resources. Yet, it can all be easily undone by a distinctly low-tech product — the sticky note.
Passwords have long represented the first line of defense for network security, but the plain truth is we have trouble remembering them — so we write them down and leave them in plain view of any would-be network intruder. Analysts say up to 80 percent of data breaches can be traced to compromised passwords.
Organizations have sought to reduce reliance on passwords for years. They finally have a good option for passwordless security thanks to the continued development of passkey software. Passkeys use public key cryptography techniques to enable you to authenticate to web services and applications without having to enter a username or password.
Benefits of passkey technology include:
It’s easy. Users don’t have to create and remember dozens of different passwords — the software handles the entire authentication process. When signing into websites or apps, all you have to do is unlock your phone.
It’s more secure. When registering with website or service, the passkey generates a unique cryptographic key pair consisting of a public key registered with the website or app you’re using and a private key stored on your device. Even if hackers breach a site’s passkey server, they can’t access your account without the private key.
It has broad support. Apple, Google and Microsoft are working with various standards bodies to ensure passkeys are implemented in ways that work across multiple platforms.