Apple reveals more on its plans to kill off passwords for good

Password Security
(Image credit: Shutterstock)

Apple announced its plans for a new passwordless authentication mechanism that will allow customers to use Face ID and Touch ID-based account authentication.

The iPhone maker announced its move towards a more secure and easy-to-use authentication mechanism at its WWDC 2021 event.

The new mechanism is being introduced in the form of passkeys in iCloud Keychain, and is based on the WebAuthn standard, which offers passwordless, biometrics-based authentication.

Explaining the feature, Apple’s Garrett Davidson said when users create an account using a passkey, there is no password to deal with since the Apple devices will themselves handle the generation and storage of the unique passkey. 

He added that passkeys are end-to-end encrypted and iCloud Keychain helps sync them across a users’ Apple devices.

Better than 2FA

Davidson argued that thanks to its design and the iCloud Keychain implementation, using passkeys will be easier and more secure than most two-factor (2FA) and multi-factor authentication (MFA) solutions. 

“In most cases, it just takes a single tap or click to sign in. And they’re stronger than most password-plus-second-factor solutions out there today, thanks to the combined security of WebAuthn and iCloud Keychain,” said Davidson.

In macOS Monterey and iOS 15, the passkeys in iCloud Keychain feature is being released as a technology preview and is off by default, that is designed to help developers explore and test the feature.

Davidson also added that although passkeys currently only work with Apple devices, the company is talking to partners at FIDO and the World Wide Web Consortium (W3C) to devise a solution that enables passwordless authentication on non-Apple devices as well.

Via 9to5Mac

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.