Okay okay, I know last week I talked about password managers, and let me tell you they are still going to be needed. This isn't as contradictory of a post as it might seem!
Everyone hates when it's time to create a new password. No one likes having to think of a password, no one remembers their password and it's very annoying when you have to type it in more than once. Your whole mood can change instantly when the site you try to use suddenly logs you out and you must go through the log in all over again. It's a frustrating situation for everyone!
So, you can imagine our excitement when we heard that tech giants, Microsoft, Apple and Google are joining forces to try and eliminate the password… FOREVER! Over the coming year, their plan is to roll out no-password logins across all their platforms. They will be able to do this using a standard set by the FIDO (Fast Identification Online) Alliance. FIDO sets the worldwide standard for passwordless authentication. We know it’s a mouthful, so people call it a passkey, it's so much easier to say!
A passkey works in a similar way to multi-factor authentication (where you use a separate device to prove it’s really you), but with less effort required. It's very easy and simple to use. Your computer will use Bluetooth to verify you're sitting nearby, and because Bluetooth only works within a short distance this should stop many phishing scams. Then you will be sent a verification message to your phone and once you have unlocked your phone in the usual way, with either your face, fingerprint or PIN you will be logged in! That's right it's that simple. No typing in passwords, no trying to remember what your password is and there won't be any more messages asking you to change your password. Doesn’t that sound great?!
Passkeys rely on something called public-key cryptography (yawn). When you register with an application or website a key pair is made between the website and your phone. These are long numbers that are connected in some way. But you’ll never see them, and you certainly don’t have to remember them. Your phone verifies the pair when you unlock it in the normal way.
And if you're one of those people that lose their phone you don’t have to worry. It’s not enough to just have your device… someone must be able to unlock it as well. So, it's an extra security step. Your passkeys will be backed up in the cloud, so if you get a new device, you can simply transfer over your information. Just in the same way that all your contacts, messages and photos etc. transfer to your new device from your old one.
These passkeys are going to be great for protecting your data in a safer way because there is no password for cybercriminals to steal. And your phone needs to be close to your computer to log in. It’s not foolproof, but it’s a lot better than the current situation with passwords and multi-factor authentication.
We’d love to hear your thoughts on this one. Are you excited to say goodbye to traditional passwords? Leave a comment to let us know.
Until next time, keep fit and have fun!
Everyone hates passwords, creating them and remembering them are very annoying. Microsoft, Apple and Google are joining forces to eliminate the password FOREVER! and yada yada yada it's looking like simply unlocking your phone will become the new password. Isn’t that exciting?!