The war on passwords has entered a new and more hopeful era: their final battle for existence. The challenger is the passkey. Let’s talk about why this is happening now, what exactly the passkey is, and how the victory might just finally be in sight. The goal is a worthy one — according to Verizon DBIR 2022 report, 80% of data breaches still begin with a phishing or Man-in-the-Middle attack, using hijacked account credentials to take over an account. Spoiler alert: passkeys can help big-time in this fight.
Passkeys use a set of cryptographic keys – meaning a long string of digits – in a way that you, the user, doesn’t have to remember or type anything additional. They have been adopted by the major endpoint vendors (Google, Apple and Microsoft), and in my post for SC Magazine I describe how they work.