Passkeys: the solution against hackers and password hassles

Photo Written by Gijs de Rooij

Today, we engage in a variety of social platforms, subscribe to multiple on-demand streaming services, and online banking is part of the daily routine. For all these accounts, we need a password. In a perfect scenario, you have one unique and unbreakable password, per account.

Because many people can't see the forest for the trees with all these different passwords and accounts, we often reuse passwords. These passwords are also usually easy to remember and thus easier for unauthorized people to crack. Logically, this does not help with the secure encryption of all your data. A world without passwords will feel like a godsend to many. And that world is closer than you might think beforehand.

Function passkeys

The major originator of this new world is the Fido Alliance. This is an association with world players like Apple, Microsoft, Google, META and Samsung on board. All these companies are going to work with so-called passkeys in the coming years.

But what is the function of passkeys that prevents hackers from taking your data? Passkeys consist of two digital keys, a public key and a private key, which are generated per account. Only the public key is shared with the platform where you log in, the private key is exclusive to the user. With each login attempt, the private key verifies that these two keys belong together, after which you can log in.

Hacking becomes wasted effort

In an age where hackers are getting smarter and smarter and using more sophisticated techniques every day to get their hands on your data, a passkey is the perfect antidote. When a hacker ensures that all public keys are leaked, your data is not at risk. Without a private key, no one can ever log in, and that private key is truly yours alone. So hackers cannot get to it. Hacking databases will therefore be a waste of time in the future.

The intention is that these new passkeys will also make phishing a thing of the past. Whereas hackers can now reconstruct websites and trick users into entering their username and password, this is no longer possible with passkeys. This is because the two keys are linked to a particular website or app. This makes it impossible to log in to counterfeit websites.

Early beginnings

That the use of passkeys is still in its infancy is evidenced by the number of websites that support this new technique. In practice there are very few, so the danger of hacking is still lurking. Still, you can already use passkeys. On iOS, you can use passkeys starting with version 16. On Android, version 9 is required and on Windows, passkeys can be used from Windows 10.

There is no question that passkeys will improve the security of your data. However, we still have to be patient until all websites start supporting passkeys. But the fact that in a few years we will no longer be using a hundred different, easy or difficult to guess passwords, is only to be welcomed.

Gijs de Rooij Copywriter
LinkedIn Ads now supports server side tagging (CAPI)
The advantages and disadvantages of Cookiebot