Apple is looking for a way for FaceID and TouchID to completely replace passwords on its devices.
Over the past six decades, passwords have become an essential and ubiquitous form of authentication in all aspects of life. Passwords help users protect accounts that contain personal assets, professional information, identities, and more.
However, this measure also has many weaknesses, forcing big tech companies to gradually withdraw it from their ecosystems. In it, with the latest version of the operating system, Apple has taken the first steps towards a future without a password.
Access key: alternate password
The tech giant has added a feature that allows users to log in to multiple accounts without entering a password, or save and fill in information in a password manager.
Instead, users only need to scan their face or fingerprint to access their apps and services. This technology is called a unique token.
With key code technology, users only need to authenticate biometric information such as TouchID, FaceID to log in services for the first time. Once activated, the passcode will be saved in the iCloud Keychain management system, helping users to access all devices in the Apple ecosystem, from Mac, iPhone, iPad to Apple TV.
This means that from now on, users will no longer see an account name or password entry bar when they sign in to iPhone apps. Instead, they just need to scan your face via FaceID to successfully log in.
Pioneers with iOS 16 and macOS Ventura
According to the Wall Street Journal, while passwords have always been considered the common standard for online account security, they still contain certain security risks.
This is because users always use the same password for all accounts, despite expert advice on using complex passwords. Therefore, it is very easy to trick them into logging into fake websites or leaking personal information.
To solve this situation, Apple has devised a solution to use passwords, completely replacing the previous password system. Darin Adler, vice president of Internet technology at Apple, confirmed at WWDC 2022 that the technology is easier to use and much more secure.
Each key is unique, it can be used on old or new accounts and also with devices that are not part of the Apple ecosystem. These secret keys will be stored on the user’s device and not on Apple’s or web developer’s servers. Therefore, even if hackers can access the server, they cannot steal these access keys.
“Passkey will stop most cybercriminals because they won’t be able to steal any of the technology,” said Ondrej Krehel, chief operating officer of cybersecurity firm SecurityScorecard.
On the other hand, according to the Wall Street Journal, Apple is not alone in a future without passwords. Microsoft, Google, and other tech giants also adopt the passwordless standard provided by FIDO.
Mr. Andrew Shikiar, Director of the FIDO Alliance, said that this new technology will completely eliminate cumbersome procedures every time you log in. Instead, users simply authenticate using the biometrics, security code, or PIN found on the device.
Millions of Apple users already use this form of login through iOS 16 and macOS Ventura. “Users now have hundreds of different types of passwords to remember. So crypto is a huge step forward,” said Mike Newman, CEO of security firm My1Login.