Passwords will soon be replaced by passkeys. (@BelgaImage)
Passwords have been with us on the web for years. Each Internet user is necessarily registered on at least a small handful of sites, dozens or hundreds sometimes. Which means, for the more cautious, hundreds of passwords. Some have a good memory, some use password manager programs, others a notebook or Post-its. This explains why many people take this subject lightly, choosing codes such as “password”, “azerty” or “12345”, always very common.
Fortunately for the latter, this method of identification should gradually disappear, or, in any case, no longer be the only solution available.
And for users of iPhone, iPad and other Apple devices, the transition can already begin in the coming days.
From password to passkey
The replacement for the password is the passkey or “access key” in French. It has been developed for several years by the FIDO alliance, an association of different digital companies open to all, with the aim of finding a new solution that is much safer while being much more practical and applicable to all websites and apps.
With the passkey, you no longer need to remember a password. When creating an account, two cryptographic keys are created, one public, stored in the cloud and the other completely secret, linked to your smartphone or tablet, accessible via biometric data: retina, voice, fingerprint , face. More simply, it is like a lock and a key, which would be tied to your body.
Concretely: you want to connect to Facebook. The site will ask you for your passkey. You will therefore, for example, scan your index in order to authorize the sending of this information, your key.
Except that it will no longer be Facebook itself that will check if it’s the right one. It will ask the server/application/cloud that stores your “padlock” if it is you. All this obviously in a few seconds, even less.
The advantage is therefore twofold. No more need to remember a single password: your finger or your face will “contain” all your passkeys. And everyone gains in security: your passkey will no longer appear anywhere, on any server that could be hacked for example. The sites and applications on which you have an account will no longer know your codes, they will only know if it is you or not at each connection.
Only drawback: you will always need your smartphone with you to connect, even on a computer. But it is already the case for many of us…
Already passkeys at Apple
This new solution is getting closer and closer to us. Microsoft has announced that it will soon offer the use of passkeys, as has Google, which aims “the end of 2022“, and other password management services external to the web giants.
But iPhone and iMac users will soon be able to take advantage of this technology. The update for iOS16 phones, available on September 16, and the one for computers, macOS Ventura, will be available for download in October.
Both will allow users to create passkeys for their new accounts or for their existing accounts. The Keychain feature, which currently stores your passwords, will therefore preserve the second cryptographic key on iCloud.
Of course, this is only a first step. It is still necessary that sites and applications also offer their members the use of this technology, which is more practical and safe, but still very recent…