Apple introduced the new iOS16 and announced an exciting new feature: Passwordless Access with Passkeys. This is the first time that public keys have been introduced for security. An explanation of the technique with commentary from Okta.
The industry has always known that public key encryption is a more secure alternative to passwords. However, no one has managed to make their use easy enough to achieve widespread adoption - until now. Passkeys use public-key cryptography and FIDO2 authentication, making them essentially phishing-proof while offering the same level of convenience that has long made passwords so popular. If passwords are the starting point, passkeys are an obvious and essential improvement.
Passkeys - the better passwords
Apple offers one of the most extensive Passkey implementations. On Apple's platform, the Passkey feature is only enabled if iCloud syncing is also turned on on the device - a setting that can be disabled on Workplace Managed devices. Another Apple implementation that has had some security experts concerned is the ability to AirDrop passkeys to nearby devices — essentially the same capability already available for passwords stored on Apple devices.
With Passkeys we finally have a viable alternative to passwords – one that can protect users from today’s rampant phishing threats while providing the level of usability and convenience needed for widespread adoption.
More protection against phishing
The widespread adoption of roaming technologies by OS and browser vendors, which makes a solution like Passkey possible, is also a factor that will exacerbate the consolidation of critical functions in the hands of a few vendors. We hope that the subsequent phases of the technology will open up to a variety of participants and allow for technical choices, e.g. B. by including combinable passkey providers. In the meantime, we strive to promote Passkey by making it very easy for developers to offer their users this new user experience without requiring any code changes. Says Vittorio Bertocci, Principal Architect at Okta
More at Okta.com
About Okta
Okta is a leading independent provider of enterprise identity and access management solutions. The Okta Identity Cloud empowers organizations to securely connect the right people, with the right technologies, at the right time. With 7.000 pre-built integrations with applications and infrastructure providers, Okta customers can easily and securely leverage the best technologies for their business.
Matching articles on the topic
[starbox id=USER_ID] <🔎> ff7f00