(Web Desk) - For as long as the web has existed, the password has been the internet’s imperfect protector.
Finally, that’s changing, with 2023 marking what increasingly seems like the beginning of the end for that frustrating, flawed technology.
Over the past 12 months, a flood of big-name companies — from Amazon and CVS to PayPal and Uber — have begun letting people sign into their accounts with an easier and more secure technology known as passkeys.
They’re safer from theft and require less human work, while passwords “are hard to use and easy to break,” said Christiaan Brand, product manager for identity and security at Google.
Big tech firms like Google, Apple and Microsoft have spent more than a decade preparing for this moment, and now their work is bearing fruit.
“I expect 2024 to be a big year” for passkeys, said Jeremy Grant, the managing director of technology business strategy at the law firm Venable and coordinator of the Better Identity Coalition, which pushes for improved login technologies.
“As more case studies emerge showing how companies and government agencies have implemented passkeys with great success, I think you’ll start to see a tidal wave of new adopters.”
Passkeys have a successful login rate four times higher than that of passwords, according to Google data, and an industry survey shows growing interest in and familiarity with the technology, with 57% of Americans expressing openness to adopting it.
Fundamentally, passkeys are pieces of code stored on people’s personal devices that talk to companion pieces of code stored on websites when someone tries to log in.
After the user unlocks their device — perhaps with a fingerprint or face scan — and gives it permission to talk to the website, the device sends its snippet of private, encrypted code to the website, and the website uses its own corresponding public code to authenticate the passkey.
The resulting digital handshake verifies a person’s identity for the website and unlocks the account.