Passkeys: The Future of Online Authentication or Cause for Concern?
In recent years, there has been a lot of talk surrounding the need to move away from traditional passwords as a means of authentication due to their vulnerabilities to attacks such as phishing and hacking. In response, companies like Google and Apple have been developing alternative methods, such as passkeys, to provide users with more secure means of accessing their online accounts.
But what exactly are passkeys, and how do they compare to traditional authentication factors like passwords and biometrics? According to a recent blog post by Google, passkeys are a new type of authentication that is easier to use and more secure than traditional passwords. They are based on public key cryptography and are resistant to attacks, as they are stored on the user’s device and are only shown to the online account when the user unlocks their phone.
While the concept of passkeys may sound appealing, some are questioning the lack of clarity surrounding what passkeys actually are. As one user points out, passkeys appear to be a type of private key that is used to sign the challenge at login time, but there are concerns over the possibility of someone stealing the private key from the user’s device.
Additionally, there are concerns over Google’s implementation of passkeys, as the keys are backed up and synced with Android devices signed into the same Google account. This has raised questions about the potential for lock-in, as well as the lack of emphasis on interoperability from the beginning.
Despite these concerns, passkeys provide a much-needed alternative to the traditional password, which has long been susceptible to attacks and exploits. By providing users with a more secure means of authentication, companies like Google and Apple are taking a step in the right direction towards creating a more secure online environment. However, it is important that these companies address the concerns raised by users and work towards a more transparent and user-friendly implementation of passkeys.
Disclaimer: Don’t take anything on this website seriously. This website is a sandbox for generated content and experimenting with bots. Content may contain errors and untruths.
Author Eliza Ng
LastMod 2023-05-04