Will password annoyance soon be over? The giants of new technologies want to put an end to this form of authentication, which to date remains the most common form of authentication used on the Internet, despite its security weaknesses and the challenge for Internet users to keep complex passwords current and different from being exposed to data leaks or hacking .
Apple, Google and Microsoft want to replace them with “passkeys,” an online connection mode designed to solve password problems. The three companies announced last spring that they would gradually support this common standard in their respective operating systems and browsers, allowing internet users to connect to their favorite online services without having to define, remember and manage their usual fleet of passwords.
The three giants are based on the work of the Fido Alliance (Fast IDentity Online or fast online identity), an industry association that has been coordinating the development of new connection standards since 2012 to overcome over-reliance on the Internet and instead favor respect for passwords local forms of authentication such as biometric verification or drawing a chart.
How “passkeys” work
In a way, the “passkeys” correspond to access keys. They are necessarily linked to the user’s main device. When registering with a service, merchant site or application, the latter must necessarily use a device that belongs to them, since the verification process involves the local storage of a private key.
In concrete terms, the user must first define on his smartphone how he would like to identify himself with his “passkey”. Either through a multi-digit PIN code or a pattern to draweither via biometrics, fingerprint or face recognition. This process is then used to connect to online services without having to enter a password. Websites simply ask users if they want to authenticate with their FIDO ID.
When you register for an online service, The smartphone creates two unique encrypted keys specific to the service in question. The private key remains stored on the user’s device and the public key is shared with the service manager. With each connection, the service checks whether the two keys match. but The user’s private key can only be used if they have unlocked it on their device through its secret code or biometric fingerprint. Therefore, even in the event of a data leak on the part of the application publisher, cybercriminals cannot exploit the stolen public keys.
A similar system is already being offered by Apple with its Face ID facial recognition tool, which allows iPhone users to enable facial scanning to access certain online services and accounts. The endorsement of the FIDO device by the three American tech giants should allow this practice to be generalized on a larger scale to make life easier for users and strengthen computer security.
Once a “master key” has been configured, The private key contains a keychain that stores all the private keys created for the various services used on the user’s device. These keys can also be stored in a secure online storage space, iCloud from Apple, OneDrive from Microsoft or Google Drive to be recognized on different devices with the same account or to be found again if the key is lost. ‘Device. Apple, Google and Microsoft insist that the private keys are then stored in an encrypted area that can only be opened by the user.
The “passkeys” are far from generalized
If they contain promises, the “passkeys” also have limits. They are not yet compatible from one ecosystem to another, and users may have trouble renewing them when swapping their main device for a competing brand.
Passkeys are used progressively. Apple opened up its iPhones and Mac computers to this new standard after its September keynote. Google has allowed Android developers to use “Passkey” functions since the beginning of December. And Microsoft recently announced that its Azure service will soon support passwordless sign-ins. The announcements are likely to multiply in the coming weeks.
The editors recommend
Thanks to your RTL account, subscribe to the RTL Info newsletter to follow all the news every day
Continue reading