In that latest update, Apple presents Passkeys, their application of a new industry standard that aims to make passwords obsolete (FIDO2). In this article, I explain what that new way of security is and what it looks like for you as a user.
What is Passkeys?
The name Apple gives to the new way of logging in their ecosystem is Passkeys. And Passkeys is a passwordless way of logging in with the use of face recognition or fingerprint reading.
Now, I myself still use the built-in password manager, but passkeys is going to greatly reduce the hundreds of passwords you maintain and promises a more or less frictionless way of logging in.
Because what do you do with Passkeys? You create a new account and in doing so, you get a personal key. A string of digital characters that is stored in a personal device, such as computer or mobile, and synchronized via the cloud. The account also comes with a unique, public key.
The personal key goes into a key box which only you can open. This also makes it tied to a device of yours, and the locker can only be opened with bionic information (fingerprint, for example) or your Mac password.
The personal key must always remain local, but can be shared encrypted, via iCloud, across multiple devices. If you then log in, the public key will give you a challenge, a puzzle so to speak, that only you can solve with the personal key. You send that back and you get access.
To demo I recorded both flows, make an account and log in, on an iPhone and made this video. With a thanks to passkeys.io for sharing a test website.
So if FIDO2 and Passkeys catch on, you will soon no longer need passwords. You will manage a key cabinet. The disadvantage is of course that you can't do much without the key cabinet, which is local to your devices, but this is partly solved by working with QR codes. But if you then want to help a six- or eighty-year-old, I predict it will be a challenge.
Anyway, we are not that far yet. I have not yet come across Passkeys in the wild, am curious when that will happen for the first time. But as a site owner I would prepare for it, maybe it can give you an edge over the competition for some time.
Recently I produced an article with video on 2 Factor Authentication (2FA) on Apple Keychain. Use this and there is no need for other password management solutions.