Passkeys – Syncable WebAuthN credentials

Passwords have lousy security properties, and if you try to use them securely (long, complicated, and different for every site), they often have horrible usability as well. Over the decades, the industry has slowly tried to shore up passwords’ security with multi-factor authentication (e.g. one-time codes via SMS, ToTP authenticators, etc) and usability improvements (e.g.Continue reading “Passkeys – Syncable WebAuthN credentials”

Passwords have lousy security properties, and if you try to use them securely (long, complicated, and different for every site), they often have horrible usability as well. Over the decades, the industry has slowly tried to shore up passwords’ security with multi-factor authentication (e.g. one-time codes via SMS, ToTP authenticators, etc) and usability improvements (e.g. password managers), but these mechanisms are often clunky and have limited impact on phishing attacks.

The Web Authentication API (WebAuthN) offers a way out — cryptographically secure credentials that cannot be phished and need not be remembered by a human. But the user-experience for WebAuthN has historically been a bit clunky, and adoption by websites has been slow.

That’s all set to change.

Passkeys, built atop the existing WebAuthN standards, offers a much slicker experience, with enhanced usability and support across three major ecosystems: Google, Apple, and Microsoft. It will work in your desktop browser (Chrome, Safari, or Edge), as well as well as on your mobile phone (iPhone or Android, in both web apps and native apps).

Passkeys offers the sort of usability improvement that finally makes it practical for sites to seize the security improvement from retiring passwords entirely (or treating password-based logins with extreme suspicion).

PMs from Google and Microsoft put together an awesome (and short!) demo video for the User Experience across devices which you can see over on YouTube.

I’m super-excited about this evolution and hope we’ll see major adoption as quickly as possible. Stay secure out there!

-Eric

Bonus Content: A PassKeys Podcast featuring Google Cryptographer Adam Langley, IMO one of the smartest humans alive.


Print Share Comment Cite Upload Translate Updates
APA

ericlaw | Sciencx (2022-08-05T19:05:53+00:00) Passkeys – Syncable WebAuthN credentials. Retrieved from https://www.scien.cx/2022/08/05/passkeys-syncable-webauthn-credentials/

MLA
" » Passkeys – Syncable WebAuthN credentials." ericlaw | Sciencx - Friday August 5, 2022, https://www.scien.cx/2022/08/05/passkeys-syncable-webauthn-credentials/
HARVARD
ericlaw | Sciencx Friday August 5, 2022 » Passkeys – Syncable WebAuthN credentials., viewed ,<https://www.scien.cx/2022/08/05/passkeys-syncable-webauthn-credentials/>
VANCOUVER
ericlaw | Sciencx - » Passkeys – Syncable WebAuthN credentials. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2022/08/05/passkeys-syncable-webauthn-credentials/
CHICAGO
" » Passkeys – Syncable WebAuthN credentials." ericlaw | Sciencx - Accessed . https://www.scien.cx/2022/08/05/passkeys-syncable-webauthn-credentials/
IEEE
" » Passkeys – Syncable WebAuthN credentials." ericlaw | Sciencx [Online]. Available: https://www.scien.cx/2022/08/05/passkeys-syncable-webauthn-credentials/. [Accessed: ]
rf:citation
» Passkeys – Syncable WebAuthN credentials | ericlaw | Sciencx | https://www.scien.cx/2022/08/05/passkeys-syncable-webauthn-credentials/ |

Please log in to upload a file.




There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.