Is the future of passwords at stake? This is what Google and Apple, the big digital leaders, seem to suggest to us with the arrival of the Passkey, an identification system that happens from passwords.
By adopting the system of passkeysGoogle questions the usefulness of traditional passwords. This is also the new authentication method that all tech giants seem to be adopting.
But then concretely, what is a passkey and how does it work? In this article, find out if the end of passwords has already struck, what are the services that already use the Passkeys, how to integrate them and finally, what are the advantages of this new type of password manager.
What is a passkey?
THE passkeys will soon replace passwords. If you wonder why the answer is simple. Passwords have a large number of problems, for a long time:
- They are not practical because you have to have a different password for each site or service.
- The fact of reusing the same password indefinitely is dangerous from a point of view of the security.
- Passwords are difficult to remember If we want them to be efficient.
- They are easy to hack.
- People regularly forget their passwords.
- Etc.
Passkeys, or access keys, are similar as a real security revolution. But then, what is it?
Passkey is an authentication technology without password. The latter allows you to connect to applications or accounts thanks to a cryptographic key associated with an identifier and a device, protected by a defense that Only the user can unlock.
The single encryption key can only be used with the same device since it is synchronized with it. In other words, it is your device and your identity that allow you to connect to a service or an application.
More detailed, the Passkey is made up of two keys:
- One that is public, recorded by an application or a site.
- And the other, private, stored in a secure area in the device.
THE passkey is then synchronized with the devices linked by the same account within the same ecosystem.
How do passkeys work?
The operation is simple. Instead of writing your password on the keyboard of your device, you will have to Identify thanks to your devicethanks to a facial recognition, a PIN code or a fingerprint. Just connect to your device, whether it is a computer or a phone.
Everything is done at the local level. You must therefore be in the presence of your device to identify yourself. This therefore prevents computer hackers from acting remotely, which was possible thanks to Double authentication. The accounts could be diverted remotely thanks to the practice of fishing.
But then in case of theft of my device, how does it work? It's simple, we can absolutely delete passkeys In case of loss or theft.
Is this the end of passwords?
This new technology seems to ring the End of passwordssimply because passkeys are a much more secure way of authentication.
Besides, large tech companies like Apple, Microsoft, Google and many others have chosen to join the Fido Alliance for Integrate Passkeys In their operating system, so that you no longer have to use passwords. The revolution is therefore already underway.
Thus, even if you have not finished using your passwords in the near future, all companies do not yet use this system, this alliance marks the start of a digital security revolution.
Examples of services that use Passkeys
Some services such as Google and Boursorama already manage their services through identification keys.
Connection to Google Services thanks to a Passkey
- If you have a Android smartphone And that you already have a Google account associated with your phone, your account has probably been automatically registered with an access key. If this is the case, you can find your information in the tab Access keys created automatically. You can then click on Use access keys.
- If your account has not been registered with a key or you have a iphoneclick on Create an access key, then on Use another device. A QR code will be displayed, it will then be necessary to scan it with your device. Then you can log with Face ID.
- Finally, we can create several access keys, but also a password manager to manage Different passkeys.
So when you are going to connect to your Google account, you will validate the connection with your new access key, more secure than your old password.
Connection to your Boursorama account via a Passkey
- First, press the pink button on the site so that the operation can be triggered. To confirm the latter, you must put your finger on the fingerprint sensor of your phone, or thanks to Face ID.
- An operating system panel then appears to recall what the bank account is for which the key is created.
- The key is stored in the iCloud trousseau for an Apple device. It is visible in Settings> Passwordsor in the section Passwords of safari.
How to integrate a passkey into your site or your application?
If you have your own site or your application, you can absolutely Integrate and set up a Passkey system To secure data from your users or customers. Indeed, any app and any site can set up such a system. In particular, there are plugin or software that allows companies to set up passkeys.
You can also use a developer in freelance On Codeur.com to help you set up your key manager system.
What are the advantages of a password manager?
The password manager has many advantages, both for practice and for security.
Use a Passkey for better security
THE Passkeys are a more secure means that passwords to identify. Indeed, the key manager is never sent directly to an application or a site. It is associated with a device. Pirates cannot therefore connect remotely.
Likewise, we no longer need to note your password somewhere, something dangerous in terms of security digital. The information is no longer to be remembered. Just connect to a device.
Connect faster with a passkey
The Passkey is good more practical than the password. Creating an access key hardly requires any interaction. It is the unlocking of the device that conditions access to information.
Unlike the password, you do not need to reconnect each time to access a service, a site or an application. The key synchronizes directly.
Do not have to retain a multitude of passwords
Thanks to the Passkey, you no longer need to have to use multitudes of passwords you cannot remember. You no longer need to reset your password repeatedly because you no longer know which code you have used. And that is a real innovation.
Our tip for using a passkey
To use a passkey, we advise you to start with Google. Just authenticate with your code and then create an access key. Then you can choose your identification method. By starting this system with Google, you can easily understand how it works and above all, understand how much it can facilitate your safety on the net.
To secure your own sites or applications, you can choose to join the Passkeys revolution And to ask for help from a developer on our freelance Coder.com.