page-loading-spinner
Home Is there a better password protection than Passkey?
Preparedness
Resilient Life

Is there a better password protection than Passkey?

The User's Profile iSecurityGuru December 11, 2022
11
placeholder image
Looking for part 2?

Fifty years ago, at the dawn of the Internet, people logged on to systems using passwords. Today, we are still doing the same. Despite the astonishing growth and development of technology over the past five decades, user authentication is still stuck in the technological stone age. The problem is, as I explained here “If you…

View Part 2

Fifty years ago, at the dawn of the Internet, people logged on to systems using passwords. Today, we are still doing the same. Despite the astonishing growth and development of technology over the past five decades, user authentication is still stuck in the technological stone age. The problem is, as I explained here “If you don’t use a password manager, you will EVENTUALLY be hacked”, hackers are using machines to crack passwords, which the human brain simply cannot overcome.

According to Karspersky,

The vast majority of data breaches are caused by stolen or weak credentials.

How Data Breaches Happen

According to CloudNine,

81% of hacking-related breaches used stolen passwords and/or weak passwords.

Cybersecruity Trends

Troy Hunt’s Have I Been Pwned website shows that password-related data breaches are happening at such alarming frequency and magnitude that it should be clear that password authentication should not be trusted anymore.

Fortunately, there is good news.

Yesterday marked a turning point in the history of passwords. Apple released iOS 16 and introduced a new password-killer technology called Passkey. The premise of Passkey is simple. Instead of relying on the human brain to remember secrets to authenticate, it relies on using powerful machines to do the authentication instead.

The advantages of passkeys over passwords?

No shared secrets

First, unlike passwords, there is no shared secret between the user and the system in passkeys.

A passkey is a pair of public and private cryptographic keys. These two keys are mathematically related to one another, but you cannot derive one from the other.

The rest is exclusive content for members

Curious about what being a member offers? Sign up now for a risk-free trial and get a sneak peek into the premium content, features, and perks awaiting you on the other side.

Looking for part 2?

Fifty years ago, at the dawn of the Internet, people logged on to systems using passwords. Today, we are still doing the same. Despite the astonishing growth and development of technology over the past five decades, user authentication is still stuck in the technological stone age. The problem is, as I explained here “If you…

View Part 2

Community

Top Comment

SQRL Is available in the sense that it is an open standard that Steve Gibson has generously donated.
it is not available in the sense that...
Anonymous Author by isecurityguru
1
Start Here What Do I Do?