Passkey is Evolving

Passkey is EvolvingA new survey showed users continue to choose easily guessable passwords even with the threat of account compromise. A study from NordPass showed 2022 was no different, with ‘Password’ at the top of the list, followed by a series of numbers and combinations of the two. Even with media attention to cybersecurity over the past few years, password habits are getting worse instead of better. The average consumer has around 100 passwords today, so it’s understandable why people reuse and use easily guessable passwords, but it doesn’t lower the threat of compromise.

Passkeys are a new technology that drastically reduce human error by taking the user-selectable password out of the equation. Passkeys use external devices, like smartphones, to approve login to an account with no password required to complete the authentication. The exchange uses biometrics like facial recognition or fingerprints at the user interface level to approve the authentication.

Passkeys work on a system of key pairs, one public and one held privately, on the user’s device. The two keys are mathematically linked to one another, so when a user tries to access an account, their device responds with the answer to the math problem. Since you need both pieces of the math puzzle to open the account, authentication can only be made with the selected device. However, all of this occurs in the background. The user only sees a prompt for a fingerprint or facial recognition scan.

Passkeys are also much more phishing resistant than traditional passwords because the authentication request is directed at an individual. Traditional passwords are susceptible to hacking because once the password is compromised, the criminal can log into the account anywhere in the world at any time. Multi-factor authentication helps to control this issue, but last year we saw ransomware groups bypass MFA and advertise their service to anyone looking to pay.

Apple, Microsoft, and Google are leading the charge to a passwordless world, and sites like eBay, Paypal, and WordPress already support the technology.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright