Microsoft wants to replace your Passwords with Passkeys, and they might be onto something

New configuration (How To)

Situation

Solution

Windows users have had access to native passkey support before now thanks to the Windows Hello feature, but these upcoming changes adding third-party passkey support will make passkeys a reality for a lot more users. Currently, the plan is for Microsoft to introduce updates to WebAuthn APIs, which will support a plugin authentication model for passkeys.

New Windows Hello interface for passkeys.

As this update rolls out, it will allow Windows users to choose third-party providers of passkey authentication alongside the native Windows support. The goal is to create a seamless passkey authentication experience, which you’ll already be used to if you’ve been using Windows Hello prior to now. That said, this is not currently planned as a forced update that every Windows 11 user has to accept.

Make no mistake, passkeys might be the future of security, but since passwords are so widespread right now, Microsoft isn’t going to force a big change on you all at once. You don’t have to switch from passwords to passkeys even if the option is available to you thanks to the upcoming update. That said, you may want to consider it, since passkeys are more secure than passwords.

To understand why passkeys are more secure than passwords, we’ll have to discuss the differences between them. A password, as you know, is a string of letters, numbers and symbols which, when used alongside a username or login email, lets you log into your account on some service.

The problem with passwords is that they can be guessed or determined by threat actors, using a variety of methods, like brute force, keylogging, password spraying, and more. If they can figure out your password, they can gain access to any information that password is protecting. On top of that, remembering passwords across various platforms and websites is often a pain. These are issues that passkeys don’t have.

A screen showing a Windows passkey beta user picking a new passkey.

Explaining passkeys is a little complicated, but it goes something like this: a passkey is a pair of cryptographic keys, a private key and a public key, which, when combined, unlock your account without ever having to input a username or a password. Websites and apps will store a unique public key, while the device you are using keeps your private key. After you verify your identity on your personal device, the two keys will combine and give you a unique passkey.

Usually, whichever device or software is generating a passkey will verify your identity using a biometric authentication tool, such as Touch ID or Face ID. Passkeys are unique to each app and website you use them on, and all of this combined results in a couple of security advantages compared to traditional passwords.

For one, passkeys aren’t stored on servers; they reside on your personal device. This means your passkey can’t get leaked in a data breach like passwords can. Two, even if a passkey is somehow compromised, it doesn’t open up all of your accounts to attack. If you are the type of person to use similar passwords across accounts for different services, one compromised password places everything at risk. Passkeys don’t have that problem.

Finally, passkeys are immune to common password threats, like brute force attacks or phishing. Now, none of this is to say that passkeys are invulnerable and that using them guarantees safety from hackers. You still have to worry about things like cookie hijacking, which can get around them. Even so, passkeys have many advantages over passwords, and will increase your online safety overall.
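The login flow described above, as an added example that is not part of the original article: in practice the "combining" of the two keys is a signature check, where the device signs a fresh challenge with the private key and the site verifies it with the stored public key. The sketch uses Node's built-in crypto module; the class names, user name and origins are hypothetical, and real WebAuthn responses carry more fields than shown here.

```javascript
// Added illustration of a passkey-style login; all names and origins are hypothetical.
const { generateKeyPairSync, randomBytes, sign, verify } = require('node:crypto');

// The user's device: creates one key pair per site and keeps every private key local.
class Authenticator {
  constructor() { this.privateKeys = new Map(); } // origin -> private key
  register(origin) {
    const { publicKey, privateKey } = generateKeyPairSync('ec', { namedCurve: 'P-256' });
    this.privateKeys.set(origin, privateKey);
    return publicKey.export({ type: 'spki', format: 'pem' }); // only this leaves the device
  }
  // Signs the site's challenge together with the origin the browser is really on.
  getAssertion(origin, challenge) {
    const privateKey = this.privateKeys.get(origin);
    if (!privateKey) return null; // no passkey exists for this origin
    const clientData = JSON.stringify({ origin, challenge: challenge.toString('base64url') });
    return { clientData, signature: sign('sha256', Buffer.from(clientData), privateKey) };
  }
}

// The website: stores public keys only and issues a fresh random challenge per login.
class RelyingParty {
  constructor(origin) { this.origin = origin; this.publicKeys = new Map(); }
  enroll(user, publicKeyPem) { this.publicKeys.set(user, publicKeyPem); }
  newChallenge() { return randomBytes(32); }
  verifyLogin(user, challenge, response) {
    const pem = this.publicKeys.get(user);
    if (!pem || !response) return false;
    const data = JSON.parse(response.clientData);
    if (data.origin !== this.origin) return false; // signed for a different site
    if (data.challenge !== challenge.toString('base64url')) return false; // stale response
    return verify('sha256', Buffer.from(response.clientData), pem, response.signature);
  }
}

function demo() {
  const device = new Authenticator();
  const shop = new RelyingParty('https://shop.example'); // constructed origin
  shop.enroll('alice', device.register(shop.origin));
  const first = shop.newChallenge();
  const response = device.getAssertion(shop.origin, first);
  return {
    genuine: shop.verifyLogin('alice', first, response),                // true
    replayed: shop.verifyLogin('alice', shop.newChallenge(), response), // false
    lookalike: device.getAssertion('https://shop-example.test', first), // null
    serverHolds: shop.publicKeys.get('alice').split('\n')[0],
  };
}
console.log(demo());
```

The site's database holds only a public key, a response captured from one login fails against the next challenge, and the device has nothing to offer a look-alike origin, which is why breach leaks, replay and phishing lose their value against this scheme.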

Passkeys are great, but what if you just really want to stick with what you know? We all have certain comfort zones, certain areas where we just don’t want to learn something new over what we’re used to. Well, you may have no choice but to use passkeys in the future, but for now, you can keep using passwords if you want to. You just might want to consider taking a few extra steps to make them more secure.

I could tell you straightforward things like “use very complex passwords” and “don’t use similar passwords ever,” but you probably already know about those tips. And let’s be honest, even though we all know those things, the problem with executing them usually relates to managing them. With how many passwords you need these days, it’s way too hard to remember dozens of complex and varied passwords.

This is where a password manager comes in. Bitwarden, 1Password, LastPass, whatever it is you prefer, a password manager will make the creation and management of strong, complex passwords much easier. With a password manager, you only have to remember one strong master password, which will give you access to the password manager and all of those other complex passwords it has written down.

Most password managers also have a built-in random password generator, so you can rest assured that you are actually creating strong passwords for any new accounts. Admittedly, passkeys are still better, but if you want to stick with passwords for the foreseeable future, a password manager is the way to go.

Solution type

Permanent
