Passkeys take yet another big step towards killing off passwords


Peach_iStock/Getty Images

It’s been around two years since passkeys came onto the scene, and the technology has come a long way in making the world a passwordless place. Yet, one feature that’s been absent is the ability to import or export passkeys between devices.

That is set to change, as the FIDO Alliance — the working group behind the technology — has published a draft specification for Credential Exchange Protocol (CXP) and Credential Exchange Format (CXF) formats that would not only work for the secure transferring of passkeys but also other forms of authentication.

Also: How to create a passkey for your Google account (and why you should)

This should make passkeys easier to use, and it could also help secure passwords because they are currently imported and exported between services using plain-text, unencrypted CSV files, which is a huge risk.

Making passkeys easier and more secure than passwords has always been the goal, as this is the best way to get people to switch over. 

Also: 7 password rules to live by in 2024, according to security experts

And it’s working. 

According to the FIDO Alliance, some 12 billion online accounts are secured using passkeys, and by using passkeys over passwords phishing has been reduced, and credential reuse eliminated, all while making sign-ins up to 75% faster, and 20% more successful than passwords or passwords plus a second factor like SMS OTP. 

Last month, Google made another big change to passkeys to make them easier to use by allowing them to be saved and synced automatically across all devices when logged into the same Google account.

Also: The best VPN services of 2024: Expert tested

There are some big names pushing passkeys — from the likes of Apple, Google, Microsoft, and Samsung, to those in the password manager game such as 1Password, Dashlane, and NordPass — so it’s no wonder that it’s come along as fast as it has in the two years. 





Source link