Apple is killing the password
You may soon be able to forget that same security code combo you use for everything.
You may soon be able to forget that same security code combo you use for everything
The days of trying to remember the special character variation of your childhood best friend's name are numbered, thanks to Apple.
The company will launch password less logins across Macs, iPhones, iPads, and Apple TVs in September this year.
“Passkeys” will allow you to log into online accounts without entering passwords or relying on password managers, with iOS16 and macOS Ventura.
What is a passkey?
Passkeys are a type of biometric sign-in. If that means nothing to you… same.
It verifies your identity via retina scans, iris recognition, fingerprint scanning, facial recognition, and voice ID.
Apple will create digital keys using Touch ID or Face ID, that will prompt a scan of your face or fingerprints when logging into a website or app. The company has described passkeys as “unique digital keys that stay on a device and are never stored on a web server, so hackers can’t leak them or trick users into sharing.”
The passkeys will sync across multiple Apple devices using iCloud’s Keychain and are stored on devices rather than on servers.
What’s under the hood?
Passkeys are based on Web Authentication API and are encrypted so nobody can read them (including Apple.) It uses public-key cryptography — the same tech used for encryption in iMessage and Signal. The public key is stored in the server, and will allow whatever you’re logging into to verify your account, as long as you have the matching private key. The private key will never be shared with the server, and your device can do all the authentication without ever revealing it.
It's ultra-secure and a huge advance for people's online security, in addition to eliminating guessable passwords (long live 'qwerty1234'), removing passwords reduces the possibility of successful phishing attacks.
Is it just for Apple users?
Ideally, no. Apple, Microsoft, and Google are all on board.
In March, The FIDO Alliance, a tech industry group, announced a way to store cryptographic keys that sync between devices: “multi-device FIDO credentials” or “passkeys.”
Then, in May, the big three tech giants confirmed that they would start rolling out technology that would work across all tech ecosystems "over the course of the coming year."
“All of FIDO’s specs have been developed collaboratively, with inputs from hundreds of companies,” says Andrew Shikiar, the executive director of the FIDO Alliance.
Microsoft users already ditched passwords in September last year, and Google has been working on password less technology since 2008. Once all three companies have rolled out their version of passkeys, it should, in theory, be possible for the system to work across all devices.
What led to the ASX Wolf’s downfall
He was found to have breached financial advice laws in a precedent-setting court case against social media "finfluencers".
Relocating to Mars easy compared to running Twitter
Tech tycoon’s quixotic spell in charge of the social media site has shown both its many flaws and how hard they are to fix, says Hugo Rifkind.