I think of myself as tech savvy but for some reason i either missed the memo on Passkeys, or just misunderstand how the thing works. Im reasonably sure my parents/granparents will start asking me about this stuff soon (as google / other websites push it on them), and id really like to understand it myself first so i can explain it to them as well.
Right now, to login to website/account/etc i just need to know my login (i.e. my email address, or my username) and my password. For example, “FakeDogLover”+”CatsRule123”. How is Passkey different?
In: 1799
You know how you can sign into phones using your face or fingerprint. Well say you want to login to a website with a passkey. If you have generated that passkey using your phone-appropriate provider (think Google, or apple) then the website will ask you to use your fingerprint or face on your phone’s to log you in to the website, just like you use to unlock the phone itself.
This is secure as they need to have access to your phone at the moment of accessing the website, as well as access to you… Face or fingerprint.
So this does away with passwords that you have to remember and instead uses a key, which in my example above is the combination of phone and biometrics.
It does not have to be phone, it can be a Windows hello sign in (pin, face, etc) or a dedicated physical token, but the point is no more remembering passwords, you create passkeys tied to a device and requiring you to provide an easier input than a password, typically something biometric, but can in fact be other things.
Latest Answers