Bye-bye, passwords? Why passkeys can be the new way to log into apps, sites

Most of us agree passwords are a drag. At best, we’re indifferent to them even as we begrudgingly recognize their purpose. The biggest tech companies share your frustration. Apple, Google

and Microsoft, along with giant companies in other fields, are throwing their collective weight behind a password alternative called passkeys, which promise to be more secure than regular

passwords and eliminate the associated hassles. Passkeys are based on an emerging standard developed by the Fast IDentity Online (FIDO) Alliance, an industry group, and the World Wide Web

Consortium. FIDO Alliance members include Amazon, American Express, Bank of America, Chase, CVS Health, eBay, Intel, Lenovo, Mastercard, Meta, PayPal, Samsung, Sony, Qualcomm, Verizon, Visa

and Wells Fargo. While passwords as we know them aren’t going to disappear anytime soon, the new passkey solution has already started showing up. On May 3, Google began rolling out passkeys

across all Google Accounts on all major platforms, meaning you now have the option to ditch passwords. Passkeys leverage biometric login methods you may already be taking advantage of, such

as facial recognition, fingerprint scanning or even a personal identification number that you probably know better as a PIN code. At its Worldwide Developers Conference in June 2022, Apple

went all in on passkeys, which it made available to developers as part of its macOS Ventura and iOS 16 operating system software for Mac computers and iPhones. Apple’s future operating

systems promise to replace passwords for good in the long term. MORE CHANGES ARE POSSIBLE IN 2023 Apple’s very public embrace of passkeys last year came about a month after Google heralded

the solution at its own developer conference. Google initially added passkey support for developers of Android and Chrome. WHAT’S THE DIFFERENCE? PASSCODE, A.K.A. PERSONAL IDENTIFICATION

NUMBER (PIN). A secret numeric code of at least four digits that a person uses to verify his or her identity PASSWORD. A word or string of characters that an authorized user creates to log

in to a computer system or service PASSPHRASE. A sentence-like set of words or characters, longer than a password but often easier to remember, that serves as a login to apps and websites

PASSKEY. A method of verifying an app or website user who is tied to both the app or site and the device trying to gain access. Both “keys” need to fit before a user is allowed in, but the

process is done without entering a username or other proof of identification. Microsoft is on board, too, and expects people to be able to use passkeys across all its platforms as well. A

year ago, the three normally fierce rivals issued a joint news release with FIDO. “The complete shift to a passwordless world will begin with consumers making it a natural part of their

lives,” Alex Simons, a Microsoft corporate vice president for identity program management, said in the release. “Any viable solution must be safer, easier, and faster than the passwords and

legacy multi-factor authentication methods used today. By working together as a community across platforms, we can at last achieve this vision and make significant progress toward

eliminating passwords.” “In the near future, you’ll be able to sign in to your Microsoft account with a passkey from an Apple or Google device,” Simons said in a separate blog post. For now,

people who want to remove the password from their Microsoft accounts can use the Microsoft Authenticator app to log in. It works in tandem with two-factor authentication, such as a mobile

phone you’ve logged in to with your face, fingerprint or PIN. THE PROBLEMS WITH EXISTING PASSWORDS We’re all too familiar with the problems passkeys aim to solve. Most people ignore the

advice of security experts and use the same or similar passwords across the board when signing in to apps and websites. Indeed, 2 in 3 Americans report reusing passwords for different online

accounts, according to an Ipsos poll of 4,000 U.S. adults.