Passkeys, the future of passwords

Passwords are a necessary evil. Although they are needed, they can be a real headache. Cybersecurity experts like Eagle Tech Corp recommend having a different one for each account, but this becomes extremely complicated when there are so many to handle. For this reason, “passkeys” is now emerging: a new way of having better control over them and with more security, even above password managers and two-step authentication. Learn all about this new modality in the following lines.

Read: The hacktivist group Guacamaya leaks 1TB of information about various armies in Latin America

How do the “passkeys” work?

The encrypted keys are the secret of the passkeys, and they work with cloud technology. They use the WebAuthn cryptographic keys so that users can access the different platforms with a single user device, which can be a smartphone, a tablet, or a security key. They cannot be copied.

They do not need to be automatically generated as password generators do. Everything is done automatically with passkeys, and, so far, the device where functionality is being focused is the smartphone. However, the main protagonist of this new modality is Bluetooth technology since both the user’s personal device and the computer must have it activated so that the keys are transferred. In this way, both devices communicate.

This technology has a promising future, and it may be the answer to how to handle passwords for years to come. The interest that passkey has generated is so great that large companies like Google have decided to make an alliance with the FIDO Alliance, their creators, to incorporate passkeys with Chrome and Android.

Until now, they are handled in the beta phase where Chrome attaches the encrypted key to its password manager, and through the Android device the user is asked to recognize their identity with the fingerprint or the unlock pattern each time an account needs to be created or signed in on any platform. This way, the Android device creates the passkey for that account.

It has also been observed that Chrome wants to use QR codes to manage access to different platforms. A simpler and more practical alternative to Bluetooth technology. Google is not the only one that bets on this alliance with FIDO; Microsoft and Apple also moved their pieces, which would make the passkeys interoperable by making an Android mobile send a key to Safari, while an iPhone can do the same with Chrome or any Android device.

In short, passkeys sound like the future to say goodbye to passwords. Of course, certain questions arise, and we need to know in depth how this technology is used to put it to good use.

Keep in touch with our blog to read the latest news and innovations in the cybersecurity world.