December 2, 2022
The password "killer" has finally arrived in a safe and easy-to-use way

The password “killer” has finally arrived in a safe and easy-to-use way

While Big Tech’s idea of ​​terminating passwords was a hot topic, it was still far from reality. Other alternatives have been developed such as: Payment Processes, OAUTH Single Sign-On and Trusted Platform Modules. However, they were the ones who presented security problems that appeared during use. On the other hand, there is a new alternative called keys From access and whom we will talk about in the text. paying off!

Read more: encryption

Understand how access keys work

Access keys are a way to store access permissions in devices, which is not a new concept. The major developers (Microsoft, Apple, Google and a host of others) have come together in a new standard called Singlepasskey sponsored by the FIDO Alliance. Using access keys, in addition to facilitating access, ensures more security against account takeover attacks. This alternative is already in use in some companies. PayPal announced this week that users in the United States can use it.

The keys are invisible and integrate with Face ID, Windows Hello and other biometric readers. However, systems are still being updated so that the keys can be used on both iOS or Mac, as well as on Windows.

Key Features

This is a secure system, as you only physically unlock or jailbreak the device in order to get some encrypted information. And you still need to provide your fingerprint, face scan, or PIN token. Another additional security point is that the authentication flow between FIDO devices, based on Bluetooth Low Energy, checks for the proximity of the authentication device to the device trying to log in.

So far there have been few attacks against the system. Access keys are not password dependent, they store many authentication factors managed by the device’s operating system. In addition to the ability to capture encryption from other devices using a cloud service.

Microsoft announced that it plans to introduce sync support in 2023. These are the platforms that support passkey sign-in from a nearby device:

  • Edge and Chrome on Windows;
  • Edge, Safari, and Chrome on macOS;
  • Chrome OS.