Charles Edge

Passkeys and Password Managers



Passwords are a pain. They're hard to remember, they're easy to forget, and they're often easy to hack. That's why a new type of password called a passkey is gaining popularity.

A passkey is a digital credential that is stored on your device and used to authenticate you to websites and apps. Passkeys are more secure than passwords because they are unique to each website or app, and they are stored locally on your device, not on a server. This makes them much more difficult to hack.


Passkeys are also easier to use than passwords. You don't have to remember them, because your device will automatically fill them in for you. This makes it much easier to sign in to websites and apps, especially on mobile devices.


Passkeys are still a new technology, but they are quickly gaining support from major tech companies like Google, Apple, and Microsoft. There are only a few dozen sites that support them today, but as product managers prune away their backlogs, they're likely to become supported by more and more SaaS products.


Here are some of the benefits of using passkeys:

  • Security: Passkeys are more secure than passwords because they are unique to each website or app, and they are stored locally on your device, not on a server. This makes them much more difficult to hack.

  • Ease of use: Passkeys are easier to use than passwords. You don't have to remember them, because your device will automatically fill them in for you. This makes it much easier to sign in to websites and apps, especially on mobile devices.

  • Compatibility: Passkeys are supported by major browsers and operating systems, including Google Chrome, Apple Safari, Microsoft Edge, and Windows 11. This means that you can use passkeys to sign in to websites and apps on any device.

If you're looking for a more secure and convenient way to authenticate to websites and apps, passkeys are a good option to consider. As more and more websites and apps adopt passkeys, they may become the new standard for authentication. They aren't as new a technology as some may think, being an extension of WebAuthn. WebAuthn in turn is based on the FIDO2 protocol, which is a set of open standards for strong authentication initially developed in 2014. WebAuthn allows users to authenticate to websites and apps using a variety of devices, including security keys, biometrics, and mobile devices, with the most recent variant being the Passkey.
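The sketch below models why a per-site key pair held on the device behaves differently from a shared password. It is an added example, not code from this post or from Secret Chest, and it is a simplified model rather than the real WebAuthn message format. The class names, the origins and the signed-message layout are assumptions made for illustration.

```javascript
// Simplified model of a passkey login (not the real WebAuthn wire format).
const crypto = require('node:crypto');

// The user's device: one key pair per site; private keys never leave it.
class Authenticator {
  constructor() { this.keys = new Map(); } // hostname -> private key
  register(rpId) {
    const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
    this.keys.set(rpId, privateKey);
    return publicKey.export({ type: 'spki', format: 'pem' }); // all the site receives
  }
  // `origin` is what the browser reports for the page asking, not a page-chosen value.
  sign(origin, challenge) {
    const privateKey = this.keys.get(new URL(origin).hostname);
    if (!privateKey) return null; // no passkey was ever created for this host
    const clientData = JSON.stringify({ challenge, origin });
    return { clientData, signature: crypto.sign('sha256', Buffer.from(clientData), privateKey) };
  }
}

// The website (relying party): stores a public key per user, nothing secret.
class Site {
  constructor(origin) { this.origin = origin; this.publicKeys = new Map(); }
  enroll(user, publicKeyPem) { this.publicKeys.set(user, publicKeyPem); }
  newChallenge() { return crypto.randomBytes(32).toString('hex'); }
  verify(user, challenge, assertion) {
    if (!assertion || !this.publicKeys.has(user)) return false;
    const data = JSON.parse(assertion.clientData);
    if (data.challenge !== challenge || data.origin !== this.origin) return false;
    return crypto.verify('sha256', Buffer.from(assertion.clientData), this.publicKeys.get(user), assertion.signature);
  }
}

function demo() {
  const device = new Authenticator();
  const site = new Site('https://example.com');   // constructed origins
  const other = new Site('https://shop.example');
  site.enroll('alice', device.register('example.com'));
  other.enroll('alice', device.register('shop.example'));
  const c = site.newChallenge();
  return {
    login: site.verify('alice', c, device.sign('https://example.com', c)),
    staleChallenge: site.verify('alice', site.newChallenge(), device.sign('https://example.com', c)),
    unknownHost: device.sign('https://example.com.login.test', c),
    crossSite: site.verify('alice', c, device.sign('https://shop.example', c)),
    uniquePerSite: site.publicKeys.get('alice') !== other.publicKeys.get('alice'),
    serverHoldsPrivateKey: /PRIVATE/.test(site.publicKeys.get('alice')),
  };
}
```

Calling `demo()` returns one field per case: the genuine login verifies, while a signature over an old challenge, a request from a host with no registered passkey, and an assertion made for a different site are all rejected.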

Secret Chest strives to address a number of issues with the traditional password. We store passwords, make them easier to access, and add a second layer of protection. We also require biometric authentication to access each one. This extends to Passkeys. It may seem counter-intuitive to have a second or third biometric check for Passkeys, so we provide the option to suppress one of those if a secret we're storing is a Passkey (in other words, a shard is stored locked by the TPM chip on a Mac but not the second, so the full Passkey is never on a single device). We currently support Passkeys on the Mac, but APIs haven't been released for iOS, so we don't support them on iPhone and iPad. However, it does work with Managed Apple IDs, so we protect the enterprise (yes, we have full OIDC support to generate and manage accounts) in the same ways Passkeys currently protect the consumer. Further, we've open sourced some of our Passkey research at https://github.com/krypted/webauthn-inspector.


To learn more about how Secret Chest can help your organization, sign up for our private beta at www.secretchest.io.
