The new mechanism is being introduced in the form of passkeys in iCloud Keychain (opens in new tab), and is based on the WebAuthn standard, which offers passwordless, biometrics-based authentication.
- Here’s our list of the best password managers (opens in new tab)
- These are the best password generators (opens in new tab)
- We've put together a list of the best endpoint protection (opens in new tab) software
Explaining the feature, Apple’s Garrett Davidson said when users create an account using a passkey, there is no password to deal with since the Apple devices (opens in new tab) will themselves handle the generation and storage of the unique passkey.
He added that passkeys are end-to-end encrypted and iCloud (opens in new tab) Keychain helps sync them across a users’ Apple devices.
Better than 2FA
Davidson argued that thanks to its design and the iCloud Keychain implementation, using passkeys will be easier and more secure than most two-factor (2FA (opens in new tab)) and multi-factor authentication (MFA) solutions.
“In most cases, it just takes a single tap or click to sign in. And they’re stronger than most password-plus-second-factor solutions out there today, thanks to the combined security of WebAuthn and iCloud Keychain,” said Davidson.
In macOS Monterey and iOS 15 (opens in new tab), the passkeys in iCloud Keychain feature is being released as a technology preview and is off by default, that is designed to help developers explore and test the feature.
Davidson also added that although passkeys currently only work with Apple devices, the company is talking to partners at FIDO and the World Wide Web Consortium (W3C) to devise a solution that enables passwordless authentication on non-Apple devices as well.
- Protect your devices with these best antivirus software (opens in new tab)
Via 9to5Mac (opens in new tab)