Home Is there a better password protection than Passkey?

Is there a better password protection than Passkey?

The User's Profile iSecurityGuru December 11, 2022
placeholder image

Fifty years ago, at the dawn of the Internet, people logged on to systems using passwords. Today, we are still doing the same. Despite the astonishing growth and development of technology over the past five decades, user authentication is still stuck in the technological stone age. The problem is, as I explained here “If you don’t use a password manager, you will EVENTUALLY be hacked”, hackers are using machines to crack passwords, which the human brain simply cannot overcome.

According to Karspersky,

The vast majority of data breaches are caused by stolen or weak credentials.

How Data Breaches Happen

According to CloudNine,

81% of hacking-related breaches used stolen passwords and/or weak passwords.

Cybersecruity Trends

Troy Hunt’s Have I Been Pwned website shows that password-related data breaches are happening at such alarming frequency and magnitude that it should be clear that password authentication should not be trusted anymore.

Fortunately, there is good news.

Yesterday marked a turning point in the history of passwords. Apple released iOS 16 and introduced a new password-killer technology called Passkey. The premise of Passkey is simple. Instead of relying on the human brain to remember secrets to authenticate, it relies on using powerful machines to do the authentication instead.

The advantages of passkeys over passwords?

No shared secrets

First, unlike passwords, there is no shared secret between the user and the system in passkeys.

A passkey is a pair of public and private cryptographic keys. These two keys are mathematically related to one another, but you cannot derive one from the other.

The rest is exclusive content for members

Curious about what being a member offers? Sign up now for a risk-free trial and get a sneak peek into the premium content, features, and perks awaiting you on the other side.


Top Comment

I’d recommend you to take a look at KeepassXC. This is a non-cloud based password manager so it’s more work to have up to date...
Anonymous Author by henning