Passkeys Replace Passwords as Secure Authentication

Passwords are increasingly regarded as insecure and cumbersome. Experts recommend replacing them with passkeys that can be stored directly on smartphones. This new authentication method not only provides higher security but is also resistant to phishing attacks that commonly occur with traditional passwords. When creating a passkey, both a public and a private key are generated. This technique is based on asymmetric encryption, which ensures that the private key is stored on the user's device or in a password manager.

The public key is shared with the respective website, enhancing the security of the login credentials. Authentication occurs through a request from the website to the user's device. To authorize this request, biometric authentication is required, such as a fingerprint or facial scan. After approval, a digital signature is created and sent to the website to grant access. A significant advantage of passkeys is that they only work for the specific website for which they were created.

This means that even if a website is hacked, the passkeys cannot be used by attackers. Security is further enhanced by the fact that the private key cannot be derived from the public key. Passkeys can be stored locally on a device or in the cloud. Supported devices include smartphones, tablets, hardware dongles like YubiKeys, and compatible PCs. This flexibility allows users to choose the storage method for their passkeys that best suits them.

The implementation of passkeys could revolutionize the way users log in online. Security breaches based on passwords could be significantly reduced by this technology. The use of passkeys could also decrease the need to regularly change passwords, which is often seen as a nuisance. The introduction of passkeys is being driven by various companies and organizations that recognize the benefits of this technology. Support from major platforms could lead to passkeys becoming the new standard for online authentication in the coming years.

The security of passkeys is further enhanced by the use of biometric data. This data is unique to the user and provides an additional layer of protection. The combination of public and private keys along with biometric authentication makes passkeys one of the safest methods for online identification. The transition to passkeys could also impact the development of security software.

Companies specializing in password management may need to adjust their services to meet the new requirements. Integrating passkeys into existing systems could pose a challenge, but the benefits of the technology justify this effort. The use of passkeys could significantly increase in the coming years as more users and companies recognize the advantages. According to current estimates, by the end of 2026, over 50% of online users could be using passkeys instead of passwords.