Tech Tips

Why this login technique may soon replace all your passwords

Passkeys are emerging as a viable alternative to passwords and there's a good chance you're already using them.

Person typing on a keyboard.
Jenny Kane / AP

With the increasing prevalence of cyber-attacks, internet security experts are looking for more secure methods to protect online accounts. Passkeys are emerging as a viable alternative to passwords and may soon replace them altogether. In fact, there’s a good chance you are already using them, primarily if you use Apple, Google or Microsoft products.

What is a passkey?

Passkeys provide a higher level of security than traditional passwords by using public key cryptography. Each passkey is unique and tied to a user account and website or application, making it difficult for hackers to gain access. Additionally, passkeys are highly phishing-resistant, meaning they can’t be used in malicious attempts to steal personal information.

Passkeys rely on WebAuthentication (WebAuthn). WebAuthn works by allowing users to register their devices or biometrics as authenticators, which can then be used to log into websites without needing a password. During registration, an authenticator will provide a public key to an application that will have access to it. This public key is then used to generate a unique digital key that only works with that specific website or app. This ensures that only authorized users can access the website or app and keeps your data safe from hackers and other malicious actors.

Woman types on her laptop keyboard.

Is Your Password One Of The Most Common In The U.S.?

NordPass released its 2022 list of the most common passwords — and the password manager reports that 83% of them can be cracked in a second.


Major tech companies such as AppleGoogle and Microsoft have already adopted passkeys as an authentication method for their users. This makes logging into devices, websites and apps faster, easier and more secure across all devices. 

With passkeys, users can sign in to apps and websites with a biometric sensor, PIN or pattern, eliminating the need to remember and manage cumbersome passwords. In addition, passkeys provide superior protection against phishing attacks compared to SMS or app-based one-time codes. Plus, since passkeys are standardized, they enable users to access passwordless services across different browsers and operating systems without needing multiple implementations.

Do passkeys have risks?

While this new technology offers more secure authentication than passwords, there are still some challenges associated with using passkeys.

One challenge is that passkeys require users to have access to biometric authentication such as fingerprint scanning or facial recognition. This means that if the user does not have access to these — for instance, if the fingerprint sensor isn’t working — they will not be able to use the passkey system.

Apple Pay mobile payment system.

Mobile wallets are convenient, but how safe are they?

An expert says adding a debit or credit card to your mobile wallet actually adds a layer of protection.


Another challenge is that some passkeys require users to have access to an additional device in order to authenticate. This can be inconvenient for users who don’t always have access to their secondary device or who don’t want to carry around multiple devices. Additionally, if the user loses or breaks their secondary device, they may not be able to authenticate at all.

Ultimately, it’s up to each user to decide which authentication method best suits their needs. While passwords may still be the most popular option right now, passkeys could soon become the new standard as they offer greater security and convenience when it comes to protecting online accounts.

This story was originally published by Tricia Goss on