Passwords? Past Words.

For all of the things we secure behind a password, I’ve yet to run into anyone who truly enjoys them. Financial details, our social media accounts, email, streaming services. They’re the keys to our digital lives. What if the end was on the horizon for hurriedly typing things into a box before having to hit that dreaded “I’ve forgotten…” button, though? Will we soon be able to ditch our least-favorite combinations of at least eight characters with capitals and numbers mixed in?

I’ve written about passwords on a couple of occasions, but their shortfalls remain the same. Generally speaking, a password which is more secure against someone else obtaining it is consequentially more difficult for our human brains to remember. Things like avoiding common words and adding symbols into the mix are a great way of preventing your accounts falling into the wrong hands, but most of us favor credentials which are easier to commit to memory. Password managers help with this, such as those offered by Apple and Android natively, but we still tend to re-use passwords across multiple sites meaning, if compromised, the potential for damage is much greater.

A new technology coming later this year will however shake up what’s been the norm for over three decades when it comes to logging into things. This technology is passkeys, and it’s better than passwords in almost every way. The idea itself is simple, already shows signs of industry adoption and renders the issue of compromised, weak or recycled passwords a thing of the past. There will be some learning to do and you’ll need to get set up to take advantage of passkeys, but once it’s done it’s going to be fairly seamless and largely immune to a person using multiple devices across manufacturers.

So how will this all work? A passkey is a unique credential for any website or service you log in to, stored securely typically behind the fingerprint or other biometric you currently unlock your phone with. Each passkey will be specific to the thing you set it up to access. Say you want to log in to your Netflix app on an iPad. You’ll go through the steps as normal, but instead of having to type a username and such, your device will handle the secure transmission of your passkey. No forgotten logins, no leaked passwords, no ex-girlfriends still mooching free streaming. Want to log in on your, or someone else’s PC? Passkeys has you covered, as it has cross-device support built in.

Now, if this sounds a lot like the “save my password” option we’ve been using for years, there are certainly parallels to be drawn. While there are a number of differences, most of them are very boring and rooted in the security which we take for granted. For the average person there are two main wins. Firstly, it means that you can’t get into the situation where you’ve changed your password on a machine other than the one on which it is stored, rendering that stored one incorrect. Secondly, it’s truly device agnostic; and as most people will be using their smartphone to store their passkeys it adds an additional layer of physical security even if you’re logging into a desktop.

The upshot of this is that there will soon be a safe, convenient way to ditch the password book you keep in your desk drawer. It does I’ll admit make us a little more reliant on our smartphones, which could be seen as a downside. Genuinely though when was the last time you were more than six feet from it? For the truly anti-handset, passkey support is coming to Windows and Mac too, albeit without some of the benefits. A win for everyone, except your Netflix-stealing ex.