Passkeys are the future of authentication, offering enhanced security and convenience over passwords, but widespread adoption faces challenges that the NCSC is working to resolve.

What’s wrong with passwords – why do we need passkeys?

Most cyber harms that affect citizens occur through abuse of legitimate credentials. That is, attackers have obtained the victim’s password somehow – whether by phishing or exploiting the fact the passwords are weak or have been reused.

Passwords are just not a good way to authenticate users on the modern internet (and arguably weren’t suitable back in the 1970s when the internet was used by just a few academics). Adding a strong – phishing-resistant – second factor to passwords definitely helps, but not everyone does this and not every type of Multi-Factor Authentication (MFA) is strong.


More

RSA and the FIDO Alliance Champion the Enterprise Passkey Revolution

In this joint briefing, RSA Security’s Jim Taylor and the FIDO Alliance’s Andrew Shikiar detailed the global transition away from legacy…

Read More →

Microsoft and Google push passkeys deeper into workplace authentication

Microsoft and Google are pushing passkeys and hardware security keys deeper into workplace authentication, with…

Read More →

OpenAI Will Gate Its Most Capable Cyber Models Behind a Physical Security Key

Access to OpenAI’s most cyber-capable AI models will soon require something no phishing email can…

Read More →


123332 Next

Subscribe to the FIDO newsletter

Stay Connected, Stay Engaged

Receive the latest news, events, research and implementation guidance from the FIDO Alliance. Learn about digital identity and fast, phishing-resistant authentication with passkeys.