Passkeys Are the New Passwords. You Should Start Using Them Now.
For 15 years, experts have told me that passwords are the biggest problem with online security and that’s just the way it is. The passwords that people make up are easily guessed by machines, and the ones that can’t be guessed are too hard to remember.
Over time, as more and more passwords became necessary, many people simply recycled theirs across different accounts — creating a precarious situation where one phished password or data breach gave an attacker access to the victims’ email, bank accounts, and anything else that shared that password.
Then came password managers, services and software in which a person could safely store all of their complex passwords and thus need to remember only a single password: the password for their password manager. This technology addressed, but didn’t solve, some of the problems. If people put in the effort, they could eventually have unique and complex passwords everywhere. But the majority of people did not opt to take on this herculean task that brought no immediate reward except that (maybe) in the future something bad might not happen to them (possibly). And a smart attacker could just phish even the best passwords anyway.
Two-factor authentication was the next bandage on the gaping wound of passwords. With 2FA protecting you, an attacker could have your password but wouldn’t be able to use it without a second confirmation, such as a code generated by an app or sent by text message. But another hoop to jump through for logging in remains a hard sell. And a smart attacker could just (you guessed it) phish most forms of 2FA anyway.
But passkeys are different. Instead of trying to fix unfixable passwords, passkeys are an entirely new technology that securely logs you in without your needing to remember your password or to perform a 2FA ritual. Passkeys are not perfect, and we’re still a ways off from their being commonplace, but learning what a passkey is and how to use it moves you a little closer to a more secure future.
