We have completed maintenance on DiscoverMagazine.com and action may be required on your account. Learn More

Is It the End of the Password?

Google and other tech giants embrace super-secure passkeys.

By Avery Hurt
Dec 21, 2023 8:00 PM
DSC-TE0124 2
As major tech companies like Google, Apple, and Microsoft begin giving users the option of adopting more-secure passkeys, will consumers want to give up their old passwords? (Credit: Faithie/Shutterstock)


Sign up for our email newsletter for the latest science news

Come up with something at least 10 characters long. Include numbers, at least one symbol, and — just to be safe — maybe some hieroglyphics. Oh, and make it something you’ll remember, of course. Yes, passwords are maddening, but their days are numbered: Passkeys are here to make passwords obsolete.

An even better reason to kick passwords to the curb is that they’re a security nightmare. Data breaches, hacking tools, and phishing scams to trick users into revealing sensitive information are all becoming more frequent and more sophisticated. Better security was the impetus behind the Fast Identity Online (FIDO) Alliance, a nonprofit association of over 300 companies that has been working for over a decade to develop authentication standards to reduce reliance on passwords. Their solution? Passkeys.

What are Passkeys?

With passkeys you don’t have to remember — or make up — anything. When you register to use a site or app, your device generates two cryptographically linked keys: a public key and a private key. The public key stays on the servers of the app or website you’re signing in to. The private key, a long string of characters, is stored only on your device. When you sign in, the server, like the guard at the gate demanding “friend or foe,” presents a challenge to your device. Your device responds by using the private key as your personal signature or authorization. You then use your PIN, fingerprint, facial recognition, or similar means use to unlock your device to approve the signature, and the server verifies your signature by matching it with your corresponding public key. Your private passkey is safe because there’s no way to derive a private key from a public key.

Because passkeys are generated for a specific site or app, they won’t work on fake sites (those that look just like your bank’s website, for example, and steal your password when you try to sign in). Passkeys are also immune to social engineering attacks like phishing, because you don’t know the passkey; only your device does.

Andrew Shikiar, executive director of FIDO, says the new process is now a reality because the major tech players — who are often, as he puts it, “fierce competitors” — worked in close collaboration to make passkeys possible. In 2023, Google joined Apple, Microsoft, and many other tech companies in giving users the option of using passkeys across all their sites, greatly increasing passkey availability.

Are Passkeys Safer Than Passwords?

While acknowledging that nothing is completely bulletproof, Jonathan S. Weissman, a cybersecurity expert on the Rochester Institute of Technology faculty, says passkeys are “as foolproof a solution as has ever existed.” But for passkeys to work, we have to use them. As long as companies offer an option to use a password, many people will stick with what they’re comfortable with, Weissman says.

Shikiar agrees that people resist change, but believes that consumers eventually adapt to new technologies. People were slow to adopt touch ID, he says. But then they realized it’s not only safer, but faster and more convenient than a PIN. It’s now widely used. “I think the same thing will happen with passkeys,” Shikiar says. He predicts that the vast majority of consumer services will offer a passkey option within three years, and people will use them exclusively a couple of years after that. “We’ll come to a point where we look back on passwords like we do the rotary phone,” he says.

This story was originally published in our January February 2024 issue. Click here to subscribe to read more stories like this one.

1 free article left
Want More? Get unlimited access for as low as $1.99/month

Already a subscriber?

Register or Log In

1 free articleSubscribe
Discover Magazine Logo
Want more?

Keep reading for as low as $1.99!


Already a subscriber?

Register or Log In

More From Discover
Recommendations From Our Store
Shop Now
Stay Curious
Our List

Sign up for our weekly science updates.

To The Magazine

Save up to 40% off the cover price when you subscribe to Discover magazine.

Copyright © 2024 Kalmbach Media Co.