My Experience with Passkeys – The Passwordless Future

If you’re like me, you’ve probably found yourself in a situation where you need to quickly access one of your online accounts, only to realize you’ve forgotten the password and must go through the tedious process of resetting it. But what if I told you that it is possible to access your online accounts without using passwords at all, relying solely on your device’s biometric sensors? This may sound futuristic, but it’s already a reality, thanks to passkeys.

Over the past six months, I’ve been using passkeys to access a significant number of my online accounts, and today I’m excited to share my experience with you. If you’re interested in learning more about passkeys and why they’re a better alternative to passwords, this article is for you. By the time you finish reading, you’ll understand why passwords are like an old-school piece of tech that you won’t want to go back to after trying passkeys.

The Struggle with Passwords

Before diving into my experience of using passkeys, let me first explain why passwords are no longer a convenient and secure way to access your online accounts. 

Remembering Complex Passwords is Another Chore

Security experts recommend using hard-to-guess passwords and advise against using the same passwords across different accounts. However, hard-to-guess passwords are also difficult to remember. Have you ever found yourself stuck trying to recall the exact combination of uppercase and lowercase letters, numbers, and special characters that you used to create that one strong password six months ago? The answer to this is yes for most of us.

Even if you’re able to remember that one complex password, it is hard to do the same thing for dozens of accounts. That’s why using hard-to-guess passwords has also led users to reuse them across several online accounts. I’m sure many of you reading this article use the same password for your Instagram, Netflix, Gmail, Amazon, and several other apps you rely on. 

Password Managers Have Partially Solved the Issue of Remembering Complex Passwords

One effective way to avoid having to remember all your complex passwords is to use a password manager. Popular password manager options include 1Password, iCloud Keychain (for Apple users), and Google Password Manager for those with Google accounts. With a password manager, you only need to remember one password – the one for accessing the password manager platform. 

Once you’ve granted the password manager permission, the password manager stores all your login credentials for your various accounts, including usernames and passwords. This allows you to view or autofill them whenever you want to access these accounts. 

However, password managers have a few drawbacks. One of these is that in the rare case where someone gains access to your password manager app’s password, they can easily gain full access to all your other passwords. While this is a rare situation, it is possible, and the consequences are severe if it occurs. These limitations make it clear that password managers are not a perfect solution for conveniently and securely accessing your online accounts.

Discovering Passkeys

I got to know about passkeys while watching the Apple WWDC keynote in 2022, when they announced the integration of passkeys into iOS 16, iPadOS 16, and macOS Ventura. This move was to be adopted by other major platform vendors, including Microsoft and Google. That meant that passkeys would be integrated into all the major operating systems, including macOS, Windows, Android, iOS, and iPadOS.

How do Passkeys Work? 

The logic behind passkeys is very simple: you use any of your trusted devices to prove that you are who you say you are before being allowed to access any of your online accounts. Passkeys rely on a cryptographic technique called public key cryptography. This creates a special key pair, which includes a public key and a private key, for each account you create with a passkey-enabled service.

When you sign up for a new account or choose to switch to a passkey on an existing one, your device (phone or computer) generates this key pair. The public key is sent to the service, while the private key stays locked away on your device. When you log in to the passkey-enabled website or app, the service sends your device a challenge, and your device responds with a unique digital signature created using your private key. The website then verifies the signature using your public key to grant access. This allows you to securely access the account without using any passwords.

You can think of this whole process as a secret handshake between your device and the website. Only your device knows the secret code (private key), and the website can verify it using the public code (public key). That means no one can access this website unless they have your device and know your passcode. To learn more, check out my explainer article for passkeys.
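The sign-up and sign-in exchange described above, as an added example that is not code from this article or from any passkey vendor. It is a simplified model using ECDSA P-256 from Node's built-in crypto module; the `Device` and `Service` classes and the account name `alice` are hypothetical, and real passkey sign-in uses the WebAuthn protocol, which signs more than the bare challenge.

```javascript
// Added example: simplified model of passkey sign-up and sign-in, not WebAuthn itself.
const nodeCrypto = require('node:crypto');

// Device side (hypothetical class): one private key per account, never exported.
class Device {
  constructor() { this.privateKeys = new Map(); }
  register(account) {
    const { publicKey, privateKey } =
      nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
    this.privateKeys.set(account, privateKey);
    return publicKey; // only the public half is sent to the service
  }
  sign(account, challenge) {
    return nodeCrypto.sign('sha256', challenge, this.privateKeys.get(account));
  }
}

// Service side (hypothetical class): stores public keys, issues single-use challenges.
class Service {
  constructor() { this.publicKeys = new Map(); this.pending = new Map(); }
  enroll(account, publicKey) { this.publicKeys.set(account, publicKey); }
  newChallenge(account) {
    const challenge = nodeCrypto.randomBytes(32); // fresh random value per attempt
    this.pending.set(account, challenge);
    return challenge;
  }
  verifyLogin(account, signature) {
    const challenge = this.pending.get(account);
    const publicKey = this.publicKeys.get(account);
    this.pending.delete(account); // consumed whether or not the signature verifies
    if (!challenge || !publicKey) return false;
    return nodeCrypto.verify('sha256', challenge, publicKey, signature);
  }
}

// Constructed scenario: 'alice' enrolls her phone; a second device is never enrolled.
function demo() {
  const service = new Service(), phone = new Device(), otherDevice = new Device();
  service.enroll('alice', phone.register('alice'));
  otherDevice.register('alice'); // different key pair, unknown to the service
  const sig1 = phone.sign('alice', service.newChallenge('alice'));
  const genuine = service.verifyLogin('alice', sig1);
  service.newChallenge('alice'); // the next attempt gets a different challenge
  const replayed = service.verifyLogin('alice', sig1); // old signature is rejected
  const wrongKey = service.verifyLogin('alice', otherDevice.sign('alice', service.newChallenge('alice')));
  const noChallenge = service.verifyLogin('alice', sig1); // nothing pending
  return { genuine, replayed, wrongKey, noChallenge };
}

console.log(demo());
```

Only the first attempt succeeds: a captured signature cannot be reused against a new challenge, and a device without the enrolled private key cannot produce a valid one.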

The Magical Experience of using Passkeys

I’ve been using passkeys for more than six months, and I must say, it’s been a game-changer. I have fully switched to using passkeys for my Google account, Apple account, X, Binance, Amazon, and several other apps. With passkeys, I no longer have to worry about remembering complex passwords or typing them in correctly. I simply use my device’s biometric authentication (Face ID or Touch ID) to access my accounts.

For instance, when signing into my Google account, I simply have to input my email, and then the next step (that used to be a password) is the passkey authentication, which uses my Face ID (for iPhone) or Touch ID (for Mac) to access the passkey for my Google account. This is the exact sign-in process that I use for all the other apps that support passkeys.

Since I am into the Apple ecosystem, all my passkeys are synced across my devices through iCloud Keychain. That means once I have any of my Apple devices, I can access all my apps without having to remember any complex passwords.

Benefits of using passkeys

The two main benefits of using passkeys are ease of use/convenience and better security. Let me explain. 

1. Ease of Use and Convenience

Using passkeys eliminates the need to remember complex passwords or usernames. With passkeys, you can access any of your accounts as long as you remember the username and you have any of the trusted devices with you. Here are some ways passkeys make things easier:

  • No more password memorization: You don’t have to remember multiple passwords for your accounts. Passkeys take care of authentication for you. This is a game changer, especially for people with dozens or hundreds of online accounts.
  • No more password resetting: Security experts recommend resetting your password at least once every three months. Doing this for all your online accounts can be tedious. However, with passkeys, you don’t have to worry about forgetting passwords or resetting them every few months since they’re not required in the authentication process.
  • Easy account setup: Setting up new accounts is a breeze with passkeys. You don’t have to go through the hassle of coming up with a new complex password every time you create an account.

2. Better Security

Passkeys offer superior security compared to traditional passwords. Here’s why:

  • Phishing-resistant: Passkeys are resistant to phishing attacks since there’s no password to steal. For those who may not know, phishing is a type of attack whose aim is to get your personal information, such as passwords for one of your online accounts. Removing passwords from the process makes it hard for hackers to access your account regardless of whether they have information about you.
  • No risk of password reuse: With passkeys, you don’t have to worry about reusing passwords across multiple accounts since they are not needed. Each account has its own unique passkey, reducing the risk of a breach.

Challenges and Limitations

Besides the many benefits, passkeys still have challenges that you need to know about before adopting them. Let’s explore these challenges.

Limited App Support

One of the main challenges of using passkeys is that not all apps support them. While many popular apps and platforms have adopted passkeys, some major ones like Netflix have not. It can be frustrating to get used to the convenience of passkeys and then encounter an app that doesn’t offer this sign-in option. I faced this frustration when using one of my banking apps and Netflix.

Coexistence with Passwords

Another limitation is that platforms that support passkeys often still offer the option to log in with passwords. This means that the security benefit of passkeys being phishing-resistant is not fully realized until these platforms phase out passwords entirely. This transition could take a few years, and until then, passwords and passkeys will coexist.

The good news is that all these challenges could be sorted out in the next couple of years.

Final Thoughts

After using passkeys for six months, I can confidently attest that they are the future of securely signing into our online accounts. No more struggling to remember passwords or resetting forgotten ones. Passkeys offer a convenient and phishing-resistant login experience using your device’s fingerprint scanner or facial recognition. While some apps haven’t adopted passkeys yet, and password logins might still be offered alongside them for now, this will likely be resolved in the foreseeable future. If you haven’t already, I recommend trying out passkeys because I’m pretty sure more than one of your favorite apps already supports them.