We've lost count of the times the password (opens in new tab) was pronounced dead, but with Apple’s latest launch, this time it might be for real. The company has announced a “new way to make the web a safer place” - replacing passwords with a new feature it calls Passkeys.
Presenting the security key feature to the world at WWDC 2022, Apple’s VP for internet technologies, Darin Adler described Passkeys as a “next-gen credential that’s more secure, easier to use, and aims to replace passwords for good”.
Passkeys use “powerful cryptographic techniques and the biometrics built into the device” to keep accounts safe, Adler explained, with users simply needing to use TouchID, or FaceID, to authenticate to a new web app, mobile app, or service in order to create a passkey.
Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab). Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey (opens in new tab) to get the bookazine, worth $10.99/£10.99.
This then creates a unique digital key that only works on the site it was created for.
According to Adler, passkeys can’t be phished (opens in new tab) since they never leave the device they were created on, and they can’t be leaked, nor hacked, since nothing secret is being kept on any web server.
He also explained that Passkeys were designed to work with apps, as easily as they do with the rest of the web. They are instantly available, and securely synced, across Apple devices, including Mac, iPhone, iPad, and Apple TV devices, through the iCloud Keychain service.
> Exclusive: People "don't see the point" in password managers (opens in new tab)
> Apple, Google and Microsoft join forces to try and kill off passwords (opens in new tab)
> Even top-level executives are practicing poor password hygiene (opens in new tab)
What’s also interesting is that Apple won’t be confining this feature to its products and services, only. The company teamed up with other industry leaders in the FIDO alliance, which includes both Google and Microsoft, to ensure the Passkeys service works seamlessly across different platforms.
“With the passkey, you’ll be able to walk up to a non-Apple device, and sign in to a website or app using just your iPhone,” Adler concludes. “We look forward to a passwordless future.”
Whether or not Apple’s nail ends up being the last one in the password’s coffin, remains to be seen, but with such a large and devoted user base, we’d give Apple a good fighting chance.