Passwords Are Passé: The Brave New World of Passkeys
Remember when passwords were simple? Maybe your dog’s name, or your birthday? Your phone number? Unfortunately, those days are gone. Hackers have become incredibly clever, and simple passwords won’t protect your accounts anymore. But wait! There’s a new, easier, and much safer way to log in and it’s called a passkey.
The Problem with Passwords
We’ve all been there: forgetting a password, struggling to create a “strong” one with random letters and symbols, or worrying about a data breach where our passwords might be stolen. The truth is, passwords have several weaknesses:
Even “strong” passwords can be vulnerable to sophisticated hacking techniques.
Many of us (most of us) use the same password for multiple websites, meaning if one site is compromised, all our accounts are at risk.
Phishing scams and counterfeit websites can fool us into giving away our passwords.
Passkeys: A Simpler and Safer Way to Log In
Imagine logging into your favorite website or app simply by using your fingerprint, face scan, or PIN on your phone or computer. That’s the magic of passkeys.
How Do Passkeys Work?
Instead of a password you type in, a passkey creates a unique digital “key” for each website or app. This key is stored securely on your device (like your phone or computer) and is tied to that specific website.
When you create an account or enable passkeys the website generates two keys: a public key and a private key. The public key stays with the website. The private key stays on your device, protected by your fingerprint, PIN, or face ID. When you log in, your device verifies your identity (fingerprint, PIN, face scan, etc.) and uses the private key to prove to the website that you’re you. No password to type, and no chance of someone stealing it.
Passkeys are more secure because:
- You don’t have to create or remember complex passwords.
- Since there’s no password to type, phishing scams become much less effective.
- Each passkey is unique, so even if one website is compromised, your other accounts are safe.
- Passkeys use advanced encryption, making them much harder to crack and much stronger than traditional passwords.
- Passkeys are stored locally on your device (computer, phone, tablet) meaning they are not being stored on a company’s server where they could be stolen in a data breach.
- Most passkey systems offer cloud syncing, so if you get a new phone or computer, your passkey can safely transfer over.
How to Use Passkeys
Many popular websites and apps are starting to offer passkey support. Look for options like “passkeys,” “security keys,” or “biometric login” in your account settings.
Follow the website’s instructions to create a passkey. This usually involves verifying your identity with your device’s fingerprint, face scan, or PIN.
The next time you log in, you’ll be prompted to use your passkey. Simply verify your identity, and you’re in!
Will Passkeys Completely Replace Passwords?
While passkeys are a significant step forward, they will take time to replace passwords completely.
Some people are reluctant to try new technology and not all websites and apps currently support passkeys.
As more and more companies embrace passkeys, and as people realize how secure and easy to use they are, it is very likely that passwords will become less and less common and passkeys will become the primary way to log into online accounts in the future.
Passkeys offer a simpler, safer, and more convenient way to log in. They eliminate the hassle and risks of passwords and provide much stronger protection against hackers.
So, next time you see the option to use a passkey, give it a try. You might just find you never want to type another password again!
I am very nearly 95 years old with some serious health problems. If I use say a finger print for a passkey how will my executors access my bank accounts when I finally fall off the perch ?
Fingerprint scans are only one option. You can use PIN instead and tell your loved one what your PIN is.
Tired of people deciding things for us without our input…
A royal pain in the “you know what.”
It sounds like a great and safer way to log in. I have already done so on a few of my accounts. It’s much easier than having a password, and even though I have powerful passwords, I feel safer using the passkey. I hope that other apps follow suit soon. Thanks for the great info.
Not very clear. Presumably the device means the same device that you are using to open the Web site for example a PC . How do you create a fingerprint, face scan, or PIN on your PC.?
If you use a PIN isn’t that the same thing as a password so where is the extra protection ?
It means whatever device you’re using. If you log into a website on your phone or computer you will have to confirm that device is yours by using your fingerprint, PIN or face scan. Each device has its own passkey for a site. But your PIN, fingerprint or face scans does not change. It confirms it’s you trying to access the site. You only use on of the 3 verification methods per device. For example, my computer does not have a fingerprint scanner but my smartphone does. If I log into my banking site on my computer I use my PIN to confirm it’s really me and on my phone I use my fingerprint to confirm it’s me. The passkey created on each device does not change.
You create the PIN or fingerprint (etc.) by device for a each site when you set up your passkey. It’s not like a password. When you go to site A on your PC and they allow a Passkey you set it up while on your PC with a PIN, fingerprint or face scan. If you visit that site on your phone you set up a Passkey on your phone . You only have to it once for each site you want to use a passkey for.