Compromised passwords have been the biggest digital security vulnerability since the dawn of computing. Now, Apple wants to do away with the concept altogether.
Although the public has known about the concept of passkeys since WWDC 2022, how Apple will implement the new standard has remained vague as of this week. In an exclusive interview with Tom’s Guide’s Mark Spoonauer, Apple Vice President Darin Adler and Senior Director Kurt Night said iOS 16 allows users to ditch passwords altogether in favor of using Face ID or Touch ID. as your login credentials.
Passkeys use public key cryptography, a technology that generates a secret key stored locally on your iPhone. When you sign in to a password-protected website or other service, Safari uses your biometric data (Face ID or Touch ID) to verify that it’s you, then automatically enters the locally stored private key. And Apple iCloud Keychain lets you sign in to any Apple device that your iCloud account is connected to.
If you need to sign in to a service like Netflix or a financial institution from a non-Apple device, you can generate a QR code that you can scan with your iPhone. Apple then checks that you’re near whatever device you’re trying to use and automatically logs you in. And if you don’t have your iPhone with you (or it’s lost or stolen), you can recover your old keys through your iCloud account.
This technology is Apple’s implementation of the FIDO Alliance, a joint venture between Apple, Google, and Microsoft to crack passwords. While the latter two companies have previewed Passkey technology, Apple is the first to implement it on its most popular platforms. You can expect Passkeys to roll out before the end of the year in iOS 16 and macOS Ventura.