Here’s how Apple will rid you of passwords

We’ve been talking about the end of passwords for years. And today, it is near. As we mentioned earlier, the FIDO alliance has developed a new way of authenticating web users that is no longer based on passwords, deemed too vulnerable, but on cryptographic keys called passkeys.

This technology is supported by Apple, Google and Microsoft, which provide the main platforms for smartphones and computers. And during the keynote of its WWDC conference, Apple finally showed that this connection without passwords, which will be available on the next versions of its platforms, will work.

No more passwords to enter when creating an account or logging into the website

As Apple showed during its presentation, to create an account on a website, it will suffice to enter the e-mail address. Instead of generating a password, the user will then generate a “passkey” by identifying themselves via FaceID or TouchID.

To create a passkey when opening an account on a site, simply identify yourself with TouchID or FaceID. © Apple

Then, the connection will be made through these biometric sensors.

Apple WWDC PassKeys presentation

Once the passkey is created, it is synced across all your devices via iCloud Keychain. © Apple

Apple also explains that these passkeys are synced to the user’s iPhone, iPad, Mac and Apple TV, through iCloud Keychain. They will work on both websites and mobile apps.

And the most important thing is that the user will be able to use their passkeys even on non-Apple products (such as a Windows PC or an Android smartphone). However, for this, the user will need to authenticate on his iPhone, and scan a QR code (as shown in this image shared by the Cupertino company).

Apple WWDC PassKeys presentation

The passkey will also allow you to connect to non-Apple products, but through an iPhone. © Apple

Why Apple is adopting this alternative to passwords

As the Cupertino company explains, Safari allows you to generate complicated passwords and therefore more difficult to hack. However, even when your password is complicated, it can be stolen by malicious actors via phishing techniques, which consist of having you enter your password on a fake site.

In some cases, even when you are vigilant and don’t fall for phishing attacks, it is the servers of the sites you use that are hacked in order to steal users’ passwords. And finally, some people reuse the same password everywhere, so if one account is compromised, all the others are too.

According to Apple’s explanations, passkeys eliminate all these disadvantages of traditional passwords.

“Access keys are unique digital keys that stay on the device and are never stored on a web server. Hackers cannot therefore disclose them or trick users into sharing them. Passkeys make it easy to sign in securely, using Touch ID or Face ID for biometric verification, and iCloud Keychain for syncing across Mac, iPhone, iPad, and Apple TV with end-to-end encryption. They will also work on apps and the web, and users can even log into websites or apps on non-Apple devices using their iPhones.”writes the Cupertino company.

However, for passwordless login to be possible, passkeys must also be supported by the sites you use. And that deployment could take longer.

We want to say thanks to the writer of this short article for this remarkable web content

Here’s how Apple will rid you of passwords

Check out our social media accounts as well as the other related pages