Passwords, depending on their strength, have been easily crackable for a while, with hackers implementing brute force and phishing techniques to try and access user accounts and information. We’ve all been there once — we receive an email from a service we used ages ago claiming that your account has been breached by an individual halfway across the world or that someone’s trying to change your password. In the early days of the internet, you were completely on your own. You had to create a strong and uncrackable password that you could remember or be at risk of getting hacked. Slowly, computer services and smartphones allowed us to remember encrypted passphrases. Now, we have Apple Passkeys. If you’re wondering what Apple Passkeys are and how you might be able to use them, read on to find out more information.
Apple Passkeys are Apple’s solution to a new, password-less world. It’s an extension of the FIDO Standard feature that the company rolled out in iOS 15, however the previous iteration required users to log in to each app or website to enable the password-less feature. And not many people used it. Now, Apple collaborated with the FIDO Alliance and large companies such as Microsoft and Google to create Apple Passkeys.
This new feature stores a unique digital key on each device that uses biometric authentication to sign users in. What this means for consumers is that they can log in to apps and websites using Face ID or Touch ID. Since the biometric data and processes are already there for Apple products, it’s only a matter of integrating them into apps and services and creating a standardized way for developers to enable Apple Passkeys. You may have noticed that some essential apps and services already require biometric authentication to log in. We can expect that as Apple develops this feature further, more services will begin to implement it.
Why Are Apple Passkeys Secure?
Think of traditional passwords as keys. There is a public key, which is stored on the website’s servers, and a private key, which is stored on your device. If a website suffers a data leak, the hackers may suddenly have unfiltered access to user passwords and private information if the website doesn’t have adequate encryption techniques. With Apple Passkeys, the private key is stored in the iCloud and remains invisible to the user, Apple, and the website with the public key. Additionally, since the new password-less feature uses biometric data instead of a written password, it will be harder for hackers to access any of your information.
Theoretically, there is a mathematical possibility that a hacker could decode your encrypted key and use it to access a service, however the technology to do that doesn’t exist, as it would require extreme computing power and would take longer than there is time in the universe (no exaggeration). This also removes the need for two-factor authentication, as this new feature since the private key never leaves your device.
How to Turn on Apple Passkeys
While you can turn on the Apple Passkeys feature, it’s up to applications, websites, and digital services to develop support for the feature. So even if you have it enabled, it may take a bit of time before it’s universally used. If you’re interested in seeing which services currently implement Apple Passkeys, you can check out this list compiled by Reddit user u/squirrelist. Follow this simple guide to turn on the feature:
Ensure you have the latest iOS 16 version installed on your iPhone.
Open your Settings app.
Tap on your Apple profile card.
Navigate to iCloud > Passwords and Keychain.
Make sure you have Sync this iPhone toggled on.
How to Create a New Passkey on iPhone, Mac, and iPad
The process of creating a new Passkey is extremely easy and requires minimal effort from the user, which is what Apple specializes in. If you want to try out a Passkey demo, you can head to this demo website developed by Hanko.io. Basically, you have the opportunity to sign up using a Passkey. When signing up for a service, go through the usual process where you fill in your basic information. Then, you’ll receive a prompt asking if you want to save a passkey for your account. Once done, you can begin to use your biometric data to log in to the website. This will be in the form of either Face ID or Touch ID. If you’re signing in to a non-Apple service, you have the option to scan a QR code instead.
Write a Comment