A Pioneering Era Signals the Beginning of the End for Passwords!

In May, Google began rolling out passkeys, calling them “the beginning of the end of the password.” Passwords have been with us since the mid-1960s, decades before computers became mainstream. But with more sophisticated cybercrime attacks, dated password technology does us more harm than good.

According to a survey by AllAboutCookies, 84% of people still use unsafe passwords (like birthdays and pet names), and over half of survey respondents admitted having five or fewer passwords for all their accounts. Sure, we could do better. But these stats are also a testament to how annoying and ineffective passwords are. Google and other major players in the industry believe that passkeys are the “key” to a simpler – and safer – future.

What Is A Passkey?

Instead of relying on something you remember (like a password), digital passkeys rely on something you have (like a device) or something you are (like a fingerprint or face recognition) for secure authentication.

Here’s How Passkeys Work

Passkeys use public-key cryptography. This is how it works: Your device has a pair of keys, a public key, and a private key. The public key is shared with whatever website or app you want to access. The private key is stored securely on your device ONLY.

When you try to sign into a site, the site sends your device a digital “challenge” to check if it’s you. The website uses your public key to send a challenge back to your device. Your device then uses the private key stored on it to decrypt and read the challenge - think of it like a decoder ring. The challenge confirms who the user is and

sends a message back to the application. If the authentication is successful – i.e., the keys match – the website knows the

response truly came from your device. It’s like a secret handshake between your devices and the sites you use. This way, a hacker cannot log into your accounts without the private key from your device. This provides an added layer of security compared to passwords.

Try It Out With Google!

If you have a Google account, you can try out passkeys for yourself. Go to g.co/passkeys.

1. Click “Get passkeys” and sign in.
2. Choose “Use passkeys,” then follow the prompts!

Note: Passkeys are automatically created for Google devices, but you must be set up separately for other devices.

Why Passkeys Are Better

If you use a passkey, a hacker must have your device (and be logged in), fingerprint, or face to log in. Also, passkeys are encrypted on your device instead of on servers, so even if your company’s data is breached, they can’t access your passkey.

Though companies like Google, Apple, and Microsoft are already using passkeys, it will take time for other sites and companies to get on board. Continue to use strong, secure passwords in the meantime and store them in a password manager.

At RIT Company, it is our honor to address your business requirements by delivering exceptional, tailor-made solutions. We specialize in managing the technological aspects of your company, allowing you to concentrate on your core business functions.

Our seamless business-to-business partnership ensures efficiency and success.