Share This Article
Sign up to stay
Even though we are big believers in strong, unique passwords, we even get headaches about generating, maintaining, and safely storing hundreds of passwords. They are somehow too easily cracked by today’s cybercriminals but impossible for us to remember at the same time. Now many people are dreaming of a more secure future, a future where we’ve transcended the need for passwords. But is this a fantasy? And if isn’t, how close are we to achieving passwordless authentication?
Right now, passwordless authentication is sort of like multi-factor authentication with some cryptography thrown in. Instead of entering a password, you provide some form of identification like a fingerprint scan or hardware token code, which might be stored on your smartphone, for example. Basically, passwordless authentication involves a pair of cryptographic “keys,” a public key and a private key (which is also like how some cryptocurrency wallets work, if you’ve heard of that). Imagine turning both public key and private key at the same time — this is how you would access your passwordless account.
Some of this has already come online – in 2022, Apple announced a feature called “passkey,” a form of passwordless authentication. Google and Microsoft are working on similar projects. Companies and services like Best Buy, Kayak, and eBay have begun allowing users to choose passkeys for logging on.
So, while we don’t think passwords are going away anytime soon (which is why you should always use strong ones), it seems passwordless authentication will be headed to your devices as an option very soon, if it isn’t there already. But with all new innovations, it will take time and concerted effort to ensure passwordless authentication realizes its potential. Hackers sure aren’t going to take a break in trying to figure out how to crack it. This is another reason why identity management, meaning managing who has access to online systems, is a critical topic for all digital citizens.