You already know the importance of using strong passwords and two-factor authentication (2FA) for online accounts. However, the next generation of account security has brought us passkeys, and adoption is rising.
I am sick of passwords. Remembering a strong password for each of your accounts is virtually impossible. Even using a password manager can be frustrating. Sometimes, the manager doesn’t save or replace a password correctly, and you have to go through the steps of resetting it. Of course, you should always use 2FA for your sites, but that has its own type of complications.
To help address this, the Fast Identity Online (FIDO) Alliance developed passkey technology to ensure a secure, password-free sign-in experience. Let's look at why you should use passkeys for all your online accounts that support security technology.
4 reasons you should use 2FA apps over SMS-based authentication
2FA over SMS isn't just unreliable, it's also a security risk.
5 Password-less sign-in experience
Easier account sign-in
Websites will offer to create passkeys to sign in to your account if they support them. If you don't see a notification to set one up, you can usually find the option in settings, like in your Amazon account, for example. Once you follow the basic onscreen instructions, you'll be all set. Passkeys allow a simple password-less sign-in experience for your online accounts. With passkeys, you no longer need to remember passwords or even have your password manager handle things. The software remembers the passkey pair to authenticate your account for you. Without having to enter passwords, the sign-in experience is straightforward and secure. You also won’t need to worry about generating 2FA codes with a utility like Google Authenticator.
3 reasons I'm excited for the upcoming rise of passkeys for security
Passkeys promise us a future without passwords, and I'm all for it.
4 Increased security
Dual-key authentication
While nothing is 100 percent secure, passkeys are generally considered more secure than traditional passwords because of dual-key authentication. Passkeys are built on the WebAuthn standard, which uses public-key cryptography. This means it’s next to impossible for attackers to use phishing or social engineering to steal login credentials. Passkeys minimize the risk of password theft and phishing attempts on fraudulent websites. Even if a hacker were to get one key from the server, the other one is stored on the user's device. An attacker would need physical access to the device to sign in.
3 Major sites are adopting passkeys
Use passkeys with your favorite sites
When 2FA was first rolled out, prominent online services took a while to offer the capability. While passkeys are still catching on, you can use them on the major sites that matter, like Microsoft, Amazon, Google, Apple, Best Buy, eBay, pharmacies, financial sites, and others. As the technology continues to evolve and becomes more widely adopted, you can expect many more sites and services to offer this easy and secure sign-in experience.
2 Easy to use and set up
Easier than 2FA
Sure, convenience is the enemy of security, but 2FA can be particularly irksome. Passkeys are easier to set up and use. When you generate a passkey, two keys are created. One is stored on the website servers and the other is stored locally on your device. So, you may think it's complicated to use. However, when it’s time to sign in to a site, use your fingerprint, Windows Hello (face or PIN), Face ID (on your phone), or a unique passcode to sign in. It only takes a split second for the two keys to be paired and authenticated.
How to set up Windows Hello on your PC
Fingerprint readers and facial recognition make it easier to unlock your PC. Here's how you can set up Windows Hello to get started.
1 Multi-device and app support
Your daily technology supports passkeys
Most of the tech you use daily supports passkeys. Microsoft, Google, Apple, and other notable tech companies worked to develop passkeys using FIDO Alliance and W3C standards. So, they’re compatible with modern phones and computers with biometric capabilities. As for your browsers, modern versions of Chrome, Safari, Microsoft Edge, and Firefox all support passkeys.
The FIDO alliance wants to kill passwords - here's 3 reasons I'm all for it
Passkeys are a bit of a mess, but the FIDO Alliance wants to change that.
Passkeys offer an elegant and secure sign-in experience
Setting up and using passkeys for your log-in experience provides better security and an easy password-less experience. You no longer need to remember complex passwords and can unlock your account with an external biometric-capable device. You can also use a PIN or pass phrase depending on how you set it up. However, it's more straightforward if you use your face or fingerprint if your device supports it. It’s quick and painless, and no password is required if you use biometrics. Passkeys are the future for logging into your favorite sites and services. Not only are they more secure, but signing in to your accounts is a much easier experience.