Monday at the Worldwide Developers Conference (WWDC), Apple revealed long-rumored features and products. While the Vision Pro, the company’s new product, is certainly making headlines, cybersecurity experts were interested more in different news.
Starting with iOS 17, Apple will allow third-party apps, such as password managers, to save and offer passkeys for apps and websites across the system, including on mobile devices.
Without this feature, third-party service providers could develop their passkey-related functionalities on desktop apps, web pages, and browser extensions only. This limiting factor restricted password managers from bringing their clients fully multi-platform passkey storage that worked across all devices, without exception, says Sorin Manole, a product strategist at NordPass.
“Password managers are highly reliant on platform vendors when it comes to passkey technology,” he adds. “Therefore, we welcome the latest move from Apple because it serves as a huge milestone in replacing passwords with more advanced online authentication solutions. With tech giants allowing third-party integrations, internet users will get more user-friendly services and, as a result, will be more keen to stick to using passkey.”
In March, NordPass announced a solution to store and manage passkeys for its desktop app, web vault, and the Firefox and Chrome-based browser extensions. Following the latest news from Apple and the earlier announcement from Google, the company says its passkey solution will be available on mobile apps too as early as in autumn this year. The company is also planning to introduce passwordless login to NordPass and provide a solution to help online businesses to integrate the support of passkey authentication.
About passkey technology
A passkey is a pair of related keys: a public key and a private key. The public key is stored on the website’s server. The private key is saved on a user’s device. Public and private keys do not work without one another and therefore are useless to hackers. Moreover, the passkey on your gadget (the private key) cannot be accessed without biometric identification (from the device’s owner) or a PIN, which adds extra protection.
A passkey is a long combination of various numbers, letters, and symbols. Compared to a password, a passkey is never created by the user and is always generated automatically. Here is a video that explains passkey technology in more detail.
Drawbacks of passwords
“Passwords did well back in the day, but they certainly do not serve the current web environment. Every day, there are good and bad guys perfecting their coding skills for different reasons: to do harm to internet users or save them from it. The way passwords work is outdated — this technology simply leaves too much space for human mistakes,” says Manole.
According to annual research by NordPass, which looked at the passwords habits of internet users across the globe, “password” is the world’s most common password. While that may already sound alarming, the study also shows that 83% of the world’s most common passwords can be cracked in less than a second.