WHY THIS MATTERS IN BRIEF
Passwords suck, they are easily cracked, but Apples new system protects you in a new way.
Love the Exponential Future? Join our XPotential Community, future proof yourself with courses from XPotential University, read about exponential tech and trends, connect, watch a keynote, or browse my blog.
As the number of cyber attacks continues to rise almost exponentially Apple is bringing Passkeys – a new approach to password security and way to keep you safe – to your Apple ID in iOS 17, iPadOS 17, and MacOS Sonoma. This is a huge step forward for account security, and removes the need for a password altogether.
Using Face ID or Touch ID you’ve been able to identify yourself quickly, securely, and easily to login to Apple’s own websites for a while now, and this also works across devices too, meaning you can activate a prompt to scan your face using your iPhone 14 Pro Max to login to an account on your M2 Pro MacBook Pro.
The Future of Cyber Security, by Keynote Matthew Griffin
Announced originally in 2022 Passkeys is the next logical step to a passwordless future, and with many companies rolling out Passkeys across their websites, this is another encouraging step towards that goal. But let’s get a quick explainer in here to catch everyone up. There’s been a lot of talk about Passkeys, but what are they?
In Apple’s own words, they’re a “cryptographic entity that’s not visible to you, and it’s used in place of a password.” In simpler terms, let’s look at the current login process of a website — a username and a password.
Somewhere on that site’s backend, this data will be stored, and no matter how protected it is, having all this private information in one place will make it susceptible to cyber attacks. Combine that with the common behaviour of people using the same password across multiple attacks (please don’t do this), and hackers can gain access to a lot of your accounts.
A Passkey works differently. While there is one public key that is registered with the account you’re logging into, it will only be activated with a second key that is held privately on your devices only. This private relationship – or Key pair – forms an additional shield to outside attacks, and given these private keys never leave your device, there is no possibility of a website or app leak. And it’s this pairing that makes them virtually unhackable. And given these keys are not visible to you either, you don’t need to remember passwords.
If you’re on the new Beta program you’ll see the prompt to “Sign in with iPhone,” which brings up a FaceID prompt on your phone to log straight in. In the future, you’ll see any website that uses the “Sign in with Apple” tool get this as well. On top of that, in my own testing, I saw the passkey prompt also appear in Google Chrome on my MacBook.
Given what we know about passkeys, this is going to be a fundamentally positive shift in security and convenience — there won’t be a need to remember a litany of passwords, or store them in a password-protected online vault that still faces the same risks of exploitation.
Passkeys for your Apple ID are the future. There’s no doubt about that, and the public rollout in just a few months time is going to help vastly improve the security of your accounts.
Not to say they are completely impervious to cyber attacks. With Passkeys, every one of the sites that utilize them will have separate login credentials — meaning that hackers will be very busy having to steal all of your different keys, rather than attacking a weaker site to take one password and trying it across the board.
If you’re on any of the developer betas, you can try it out now on Apple’s own websites.