Is a future without passwords possible? Tech companies believe so, and they’re working to make it happen. Let’s take a look at the security measures that might replace passwords, and what consumers can expect to see in the near future.
The problem with passwords is that they’re not very secure. The fact that we need so many of them leads to the common practice of using easy-to-guess and repeated passwords. But passwords that are easy for consumers to guess also are easy for hackers to steal. And re-using passwords just makes it easier for cybercriminals to break into more accounts.
Right now, the best way to handle that is to use a password manager. But that doesn’t address security from the other side: the server. You could have the best password in the world, but that doesn’t do you any good if the server isn’t storing them properly.
Then there’s the transmission of passwords from point A to point B. You might have the best password in the world and the best server security, but if the password is being sent across an insecure network, it can still be stolen.
That’s a lot of security to think about. What we need to do is simplify the process. What if there were a way for consumers to log into all of their accounts using a single method that’s both easy and secure?
Enter what Apple refers to as “passkeys.” Introduced during the June 2022 Apple event, passkeys will be available to consumers in the latest versions of Mac and iPhone/iPad software. (That’s macOS Ventura and iOS 16, both slated to be released later this year.)
Apple’s passkeys work by replacing website and application passwords with digital keys that are linked to the user’s Touch ID or Face ID biometrics. Instead of typing in a complex password, users will simply need to tap notifications pushed to their phones. The entire process is encrypted from one end to the other with the latest technology. Experts predict this will alleviate many of the current problems with passwords.
Apple isn’t the only one working toward a passwordless future. In fact, Apple, Microsoft and Google have teamed up to support a new standard for passwordless authentication that works across different platforms. Developed by the FIDO Alliance and the World Wide Web Consortium (W3C), the new standard one day could allow an Android user to unlock a Mac or an iPhone user to log into a Windows computer.
The rush to replace passwords largely is driven by the increase in cybercrime. Cybercrime has a cascading effect. A single consumer computer infected by malware might not seem like a major problem, but twenty thousand malware-infected computers can become an army used to attack juicier targets like enterprise servers and even governments. Not to mention the illegal profit gained from corporate espionage, data theft, financial fraud … the list goes on.
Fortunately, not only is a passwordless future possible, it’s already here. It will be exciting to see how this new technology develops even further.
• Triona Guidry is a freelance writer and consumer technology specialist offering tech support and advice for home computer users. For free weekly tips and news by email, subscribe to her Simple Tech Tips blog at www.lightningtechsupport.com/subscribe.