2 min read

Are Passkeys the Future? Apple Seems to Think So...

Featured Image

It's no secret that passwords are a pain in the butt. They can be difficult to remember, they're a huge target for cybercriminals, etc.

Apple seems to think they're a pain in the butt as well. On June 6, 2022, the Cupertino-based Fruit Company announced its plans to kick passwords to the curb and adopt the usage of Passkeys in their upcoming software suite (macOS, iOS, etc).

Darin Adler, Apple's vice president of internet technologies at Apple said passkeys are easier to use, and not as vulnerable to phishing and theft attempts and would be instantly available across all of Apple's platforms instantly.

“When users create a passkey, a unique digital key is created that only works for the site that was created,’’ Adler said during the keynote “Since the passkey never leaves your devices, hackers can’t trick you into sharing on a fake website. And passkeys can’t be leaked because nothing secret is kept on a website.”

Apple also mentioned the fact that their new Passkeys would be compatible with non-Apple devices and websites. They didn't get into too many specifics but Google and Microsoft were mentioned as partners in the endeavor.

Now, let's be honest here; this isn't some kind of new, revolutionary technology that Apple has created. It is, however, a great example of how Apple manages to rebrand or recycle existing technology into their product and make it seem like it's cutting edge or even at times, proprietary.

Apple's Passkey feature is in fact just an application of Fast IDentity Online (FIDO), and that's a good thing.

What is FIDO and who makes up the FIDO Alliance?

FIDO, or FIDO Alliance, is an open industry association whose main goal is to develop and promote authentication standards that reduce the "over-reliance" on passwords. FIDO supports authentication tech like biometrics (fingerprint readers, iris scanners, voice, and facial recognition), and USB security tokens, among others, to authenticate a user without having to use a password.

Apple's been using technology like this for years. FaceID and TouchID have both been security staples in Apple's product lines for years. Millions use Apple products every day and millions are already using these technologies to help protect their devices from unauthorized access. Passkey is really just an expansion of an already existing technological implementation.

The FIDO Alliance is made of numerous companies but its board consists of the following:

Amazon American Express Apple Bank of America
CVS Health Egis Technology Feitian Google
GoTo HYPR Idemia Infineon
ING Intel Jumio Lenovo
Line MasterCard Microsoft Nok Nok
NTT Docomo OneSpan Onfido PayPal
Qualcom RAON RSA Samsung
Synaptics Thales Transmit Security Trusona
TrustKey Solutions USAA VISA VM Ware
Wells Fargo Yahoo Japan Yubico  


Should you hop on the Passkey Bandwagon?

There's really no bandwagon, but yeah, passkey or FIDO is the future. This isn't Apple's proprietary technology. They're just better at marketing than basically anyone else on the planet. What they're doing here is forecasting a future that's already there if you know where to look.

Yubico, one of the FIDO Alliance board members has been making YubiKeys for years and we highly recommend them. Where Apple has built in this sort of technology, other companies have not. YubiKeys add that functionality. You can find them here: https://www.yubico.com/products/

When will this update hit Apple devices?

There's no official date but Apple typically announces their upcoming software during their World Wide Developer Conference (WWDC) in June with an estimated release in the "Fall." So anywhere from the end of September until near the end of December.

 

Are Passkeys the Future? Apple Seems to Think So...

It's no secret that passwords are a pain in the butt. They can be difficult to remember, they're a huge target for cybercriminals, etc.

Read More

Alert: Follina aka CVE-2022-30190

A newly discovered exploit is using a flaw in Microsoft's Support Diagnostic Tool (MSDT) to remotely take over end-points via compromised Word...

Read More

Chaos/Yashma: The Torrid Tale of a GUI Based Ransomware Builder...

It used to take a good deal of coding knowledge to build a website or an application. That's not the case anymore. You can build a website in...

Read More