Once the technology is released later this year, you will be able to use your passkeys on all devices that use the same iCloud/Microsoft/Google account. Your device(s) will take care of passkey synchronization. So far, that’s regular asynchronous cryptography, but natively supported by your device and put in a web standard (“WebAuthn”) for every website or app to use, already supported by every major web browser and operating system. This signature then proves against a server that it has been created with that unique private key, without ever risking giving away the key itself. In a WebAuthn login ceremony – from the user’s perspective that simply means a biometric gesture (think Touch ID, Face ID, or Windows Hello) – the private key is used to generate a signature (you also won’t see that, as it happens behind the scenes). You will never actually see that private key, nor will anyone else (hence the “private”). Well, it’s a piece of cryptographic information, a private key, stored on your computer, phone, tablet, smart watch, or security key for that matter. What's WebAuthn again?īut before we start with passkeys and multi-device shenanigans, you may ask “What is FIDO or a WebAuthn credential again?” (if you know the answer, feel free to skip to the next headline). I heard this question probably a few hundred times – and honestly, there was no good answer. So why are passkeys such a big deal? Let me explain…Įver since the introductions of FIDO (back in 2014) and its sort-of-successor WebAuthn (2019), the most daunting question for anyone promoting FIDO’s passwordless benefits has always been: “But what if I lose my device?”. Apple did their own share of work, which they introduced on its own as “ Passkeys in iCloud Keychain” at WWDC 21 back in June 2021 and the tech has been in developer preview on iOS and macOS since then. Serious efforts have been invested into this topic, mostly by two of the key players of the FIDO Alliance: Google and Microsoft. In March 2022, the FIDO Alliance published a white paper on a new concept called "multi-device FIDO credentials – or “passkeys” for short. Find out how passkeys can finally replace passwords for consumer logins while offering an improved user experience and much better security.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |