Should we not be commemorating a Word Passwordless Day, or better still, not even be needing such a redundant event?

Geoff Schomburgk, Vice President (Asia Pacific & Japan), Yubico

That is why, with support from big tech and businesses around the world, passkeys are on track to replace passwords altogether. They have been around for a while now, but the ability of passkeys to transform how users protect themselves online is increasing their adoption rapidly.

Unlike passwords, which rely on shared secrets intended to be remembered, passkeys are either stored in the Cloud by a platform provider (syncable passkeys) or are stored on users’ devices (device-bound passkeys) – including phones, computers or hardware security keys. Also:

    • Each passkey is a combination of a public key and a private key, both very large numbers that are linked together by complex mathematical formulas.
    • The public key is stored by the site or application, while the private key is stored on the user’s device.
    • When logging in, successful authentication relies on a validation and “handshake” between the two keys, which solves many of the problems inherent with passwords.
    • Passkeys are phishing-resistant and cannot be intercepted or stolen by remote attackers. Each passkey is linked to a specific website or app, so user credentials will not be sent to imposter phishing sites, even if a user is fooled.