How Apple Passkeys Will Eliminate Passwords in iOS 16 and macOS Ventura
Kurt Night, Apple’s senior director of platform product marketing, and Darin Adler, VP of internet technologies at the company, recently sat down for an interview with Tom’s Guide where they talked about Passkeys and how they’re going to replace passwords for good.
Apple debuted Passkeys at WWDC 2021. However, the company is really pushing Passkeys as a full-fledged alternative to passwords with its next set of operating systems, including iOS 16, iPadOS 16, and macOS Ventura, this fall.
“Passwords are key to protecting everything we do online today, from everything we communicate to all of our finances,” said Night. “But they’re also one of the biggest attack vectors and security vulnerabilities users face today.”
Passkeys use a process called public key cryptography to enable password-free logins on apps and websites. With Passkeys, logins require a handshake between a public key stored on a web server somewhere and a private key, which is encrypted and stored locally on the user’s device. The handshake is authenticated through biometric verification via Touch ID or Face ID.
Passkeys are highly effective against phishing attacks since authentication is entirely biometric on the user’s end and they don’t have any sensitive passwords to give out. They also shield against data breaches, since the public key stored on the web is worthless without its corresponding private key.
“People almost always have phones with them,” said Adler. “Face ID and Touch ID verification give you the convenience and biometrics we can achieve with an iPhone. You don’t have to buy another device, but also you don’t even have to learn a new habit.”
Once a Passkey is saved, iCloud Keychain syncs it across the user’s iPhone, iPad, Mac, and Apple TV with end-to-end encryption. If a user wants to log in on an Apple device that isn’t theirs, Passkeys can be shared via AirDrop.
“iCloud Keychain made it possible, and security that before was limited to people who would be willing to carry extra hardware can be made available to everyone with the phone,” said Adler. “So I think those two things come together in a really special way.”
Passkeys also support cross-platform functionality. When you want to log in on a non-Apple device with a Passkey, the other device will generate a QR Code that can be read by your iPhone or iPad. Your Apple device will use Face ID or Touch ID to confirm that it’s you trying to sign in, and you’ll be logged in on the other device.
“The cross-platform experience is super easy,” said Night. “So say you’re someone who has an iPhone, but you want to go and log in on a windows machine. You’ll be able to get to a QR code that you will then just scan with your iPhone and then be able to use Face ID or Touch ID on your phone.”
Apple is already working with developers to bring Passkey support to third-party apps, and there appears to be significant momentum in support of adopting the new feature.
“This isn’t a future dream to replace passwords,” Night concluded. “This is something that’s going to be a road to completely replace passwords, and it’s starting now.”