Fórum Zpět na výpis diskuzí


Autor Zpráva

Horydoly Open

9.5.2023 23:26

Passkey technology Google

Last week, Google announced its support for passkeys and this has drastically increased interest in passkey technology. However, it has also raised many questions, with the main one being: are passkeys more secure than passwords, and if yes, how?

Sorin Manole, product strategist at NordPass, explains:

When a user is creating an online account on a website, the password they come up with is saved on that website’s server, which might be cloud-based or physical. If a hacker is capable of getting into the server, they can reach the users’ login credentials (which sometimes, unfortunately, are even unencrypted), and use them for various malicious purposes.

Passkeys, on the other hand, are developed in a way that directly solves the password issue. When an account is being created on a website, your device generates a pair of related keys: public and private. The first one — the private key — is saved on your device. The second — the public key — is stored on the website’s server. Without one another, private and public keys do not work and therefore are useless to hackers.

While in the tech world nothing is 100% secure with constantly developing hacking technologies, it is less likely that a website’s server would get hacked and your phone or laptop stolen at the same time. Even if your device is stolen or hacked, the passkey on your device (private key), cannot be accessed without biometric identification (of the device's owner) or a PIN which adds extra protection.

The passkey itself is a very long combination of various numbers, letters, and symbols. Compared to a password, a passkey is never created by the user and is always generated automatically.

How can you manage your passkeys?

Currently, if a user chooses passkeys to log in to their Google account from a laptop or a mobile phone, their device generates a private key (one of the two keys used in passkey technology) and stores it within. This way can be convenient when using devices of the same ecosystem.

Alternatively, a user can create a passkey in the password manager, and then use it across different devices and operating systems. To date, there are very few password managers, including NordPass, offering the functionality to store and manage passkeys in their platforms instead of a device. Other password managers have also promised to deliver this feature later this year. NordPass users can also already share passkeys with other NordPass users.

What are other reasons to adopt passkey technology?  

  1. Internet users continuously use very poor passwords. According to NordPass research, the “password” is now the world’s most common password, pushing the former annual winner “123456” to second place.
  2. When it comes to businesses, the situation is not much better. According to NordPass, as many as 32% of the wealthiest businesses’ passwords reference the company, i.e., the company name, part of it, the email domain, or the company’s product.
  3. To make matters worse, even C-level executives are not adhering to good password hygiene. Among the different roles of business executives is a visible trend to use easily hackable passwords that mainly include sequential combinations of numbers or letters. These include but are not limited to “1q2w3e,” “12345,” “11111,” and “qwerty.” The winner in all categories remains “123456,” with the password “password” coming in second. 

Emilija Gaivenyte

Počet příspěvků: 294


30.1.2022 22:42

Příspěvek byl smazán autorem

Počet příspěvků: 3

Přidat příspěvek

Pro přidávání příspěvků je nutné se přihlásit

Registrovat se