We’ve all forgotten and reused passwords from time to time. You may have even fallen for a phishing scam or had account information snatched up in a security breach for an app or website. While passwords have been the backbone of online security, we continue to move toward passwordless logins.
One method of authenticating without a password is passkeys. Let’s look at how passkeys work, why they are more secure and how easy it can be to start using them.
What is a passkey?
A passkey is a digital credential that lets you sign in to websites and apps without typing a password. Instead, you use something like your fingerprint, face scan, or device PIN to authenticate.
Passkeys are based on public key cryptography. That means your device stores a private key, and the website stores a public key. When you try to log in, your device proves it has the private key; without ever sharing it. This makes it nearly impossible for hackers to steal your login credentials. Passkeys eliminate the need to enter your email address or password into login fields when using apps or websites.
Why use passkeys?
Passkeys cannot be guessed by hackers, phished via scams, or stolen through data breaches. Passkeys are unique to each site, so they won’t work on phishing sites made to look like your email or financial web sites. They are stored securely on your device and not on a company server. They also require a PIN or biometric verification (i.e., fingerprint or facial recognition).
How can you setup passkeys?
Passkeys are simple to set up on accounts that have the option. On the website or in the app go to the security settings and choose create a passkey. You’ll then be asked to conform with face ID, fingerprint, or a PIN. Once you’ve completed the verification, the process is complete. The next time you log in, choose the passkey option if asked or simply approve the login with your device. You can even sync your passkeys across devices such as Apple’s iCloud Keychain, Google Password Manager, or Windows Hello, allowing you to login to your account from all your devices with the passkey.
If you’re nervous about switching to passkeys, you can try one or two accounts at a time. Some apps and sites still allow you to use both passwords and passkeys, providing the option to become more comfortable with the technology.
If you ever switch your devices or lose your phone, your passkeys are backed up via your cloud accounts for your device and can be restored on your new phone, tablet, or computer.
Passkeys aren’t just a tech trend; they’re a major leap forward in online security. If you’re tired of juggling passwords or worried about getting hacked, passkeys offer a safer, simpler future.
For more information on passkeys:
Passkeys Are the Future of Account Security: What They Are, and Why You Need Them – PCMag
How Passkeys work: A Google security expert explains – Google
A Beginner’s Guide to Passkeys: How to Set Them Up, Use Them, and Sync Across Devices – Computer Techs
