With Some Help, Apple Passkeys Could Finally Kill the Password

pcmag.com:

At its Worldwide Developer Conference (WWDC) this week, Apple previewed a new scheme that could help make passwords a thing of the past with a passwordless login scheme called Passkey. Darin Adler, VP of Internet Technologies at Apple, pitched Passkey as "more secure, easier to use, and aims to replace passwords for good." That's good to hear, considering how lousy passwords are, but many have tried to do away with passwords before.

Adler described Passkeys this way: "A unique digital key is created that only works for the site it was created for." Instead of passwords, Apple users would verify their identity using biometric authentication, which is already built into most of the company's product line with Face ID, for facial recognition, and Touch ID, for fingerprint scanning. 

In the presentation, we see someone creating a new account on a website. They enter their email address, but instead of creating a password, a window pops up asking if they want to create a Passkey. The user authenticates using biometrics—in this case, the Touch ID on their Mac—and that's it. 

Adler explained that Passkeys are automatically synced between a user's Apple devices, including Apple TVs, using iCloud Keychain, and are intended to work in apps as well as on the web. Passkeys are also meant to work cross-platform. In the demonstration, a user goes to log in with their passkey and is presented with a QR code to scan. Adler said that in this scenario, the person's iPhone would authenticate the login, presumably by scanning the QR code.

While ease of use was on display in the WWDC presentation, Adler stressed the security benefits of Passkeys. "Passkeys can't be phished since the Passkey never leaves your devices," he said. "Hackers can't