Why Passkeys Are the Next Frontier in Digital Security

The traditional password that generations of computer users have come to love and hate may soon be replaced by something called a "passkey." You've likely even been prompted to create one already. While many people may not know just how easy it is to start experimenting with this new creation, there are still hurdles that must be cleared before adoption becomes widespread.

The problem with passwords is so pervasive that hacking, identity theft, scams, and major data breaches have become all too common. The rise of password security errors, such as using the same phrase across multiple sites, has led to a new alternative gaining popularity: passkeys. Passkeys are "generated codes" that are "stored on your device or in your password manager" and allow you to "log in to websites and apps using your fingerprint, face recognition or a PIN," said Wired.

Their creators claim that they are unhackable, and they are "widely considered to be more secure" than your existing password system. When you make a passkey, you are creating a "pair of cryptography keys generated by your device" that communicate with one another via a "biometric identification tool, such as FaceID or TouchID, to authenticate your identity," said PC Mag.

How Do I Get a Passkey?

The good news is that "passkeys are very simple to use," said Dashlane, and you can create them for many accounts, including Google, Amazon, Apple and more "in just a few quick steps." After creating one, "you just approve login attempts with a PIN or biometrics," said PCWorld.

For example, to create a passkey on Google you just log in to your account, open the passkeys manager, enter your password and create a passkey. They are the "way of the future for Google account verification" and doing so is "simple to do and highly secure," said ZDNET.

A Brief History of Passwords

You may wonder when computer passwords became a thing. The first passwords were used in 1961, when researchers at MIT created a system called the "Password System" to protect access to their computers.

5 Password Habits That Put You at Risk

Data breaches increased in 2023 and with them, internet security concerns. Here are five common password habits that put you at risk:

  1. "The use of easily guessable passwords such as 'qwerty' or '123456'," according to Identity Thief.
  2. The re-use of the same password across multiple sites, making it easier for hackers to exploit," said PC Mag.
  3. The use of weak passwords that can be easily cracked with software tools," said Cybersecurity and Infrastructure Security Agency (CISA).
  4. The sharing of passwords with others, who may compromise your account," according to Identity Thief.
  5. The failure to update passwords regularly, making it easier for hackers to access your account," said CISA.

Passkeys: A "Password-Killing Tech"

"Passkeys are a 'password-killing tech'," said Wired, and improvements to the underlying technology are "pushing passkeys toward a tipping point."

However, there are still hurdles that must be cleared before adoption becomes widespread. One problem is that syncing across different platforms is much harder than it should be," said Ars Technica. This can be devastating for less tech-savvy users who may give up on the new technology if they encounter any significant obstacles.

A Step Towards Seamless Adoption

Critics note that "passkey implementations to date lock users into the platform they created the credential on." But developers are hard at work trying out ideas to make the process of moving to passkeys more seamless for most users. One important development is a Credential Exchange Protocol that will "make passkeys portable between digital ecosystems" and avoid "user lock-in" to any individual password management service," said Wired.

Adoption of Passkeys: Still Slow

Even though three-quarters of respondents in the U.S., U.K., China, Japan and South Korea have heard the term, fewer than a third have actually created one. Moving to passkeys also "assumes that the user has exclusive, private access to an account or device," which may not be realistic in households where family members share both," said the National Cyber Security Centre.

A Word of Caution

"It's too soon to switch away from using passwords for all your online security," said Consumer Reports, which recommends trying passkeys for some accounts while the technology continues to mature."