GadgetsLatestTechnology

Don’t change your passwords ― delete them! How to login on iPhone, Android, and Windows without a password

Imagine a world without the headache of forgotten passwords, the strain of dreaming up a different password for every online account, and the anxiety of getting hacked. Believe it or not, this utopia is possible with passkeys — an industry standard co-created by Apple, Microsoft, and Google.

Passkeys will unlock your online accounts without the need to type a password. Instead, a supported device or app will check your identity using biometrics, like facial or fingerprint recognition, and then vouch for you to the website or mobile app that you’re trying to access. And that’s it.

View Deal | Save 54% on NordPass, with support for PasskeysView Deal | Save 79% on password manager + data breach monitoring with SurfsharkView Deal | Get started with a free trial on LastPassView Deal | Get started with a free trial on 1Password

If you pay using Apple Pay or Google Pay, check your bank balance on a mobile app, or unlock your PC using Windows Hello — you’re already used to the convenience of biometrics. Passkeys bring that same simplicity and security to every login. No more forgotten passwords scribbled on Sticky Notes or tapping the “Forgotten Password?” prompt to desperately attempt to reset your login for the umpteenth time.

Let’s be honest, traditional passwords are far from secure. They’re easily guessed and frequently stolen.

In the last few weeks alone, we’ve seen security researchers unearth the so-called “mother of all breaches”, with billions of stolen usernames and passwords for popular sites like LinkedIn, X (formerly Twitter), Telegram, and Dropbox. Not only that, but hackers used credential stuffing to break into thousands of Roku accounts and spend money using saved payment details.

Even if you’re fortunate enough not to be caught up in a data breach …you could be using a password that fraudsters already know.

Passkeys are slowly being adopted by the biggest online services and applications, with Elon Musk enabling support on X for iPhone owners just this week.

What is a passkey?

Passkeys were developed by the FIDO Alliance, an industry body with the stated aim of helping to “reduce the world’s over-reliance on passwords” with the likes of Apple, Google and Microsoft amongst its members. First promoted as an alternative to passwords back in mid-2022, the clever system relies on the same biometrics that allow you login to your iPhone, iPad, Windows PCs, Samsung phones and tablets, Android phones, and dozens more, without typing out a password or PIN.

Using the facial or fingerprint recognition built into your device, the operating system will then vouch for you to the app or website that you’re trying to access — completely bypassing the need for a password.

If you’re the sort of person who regularly finds themselves tapping the “Forgot Password?” prompt when trying to login to a website or app, passkeys could then perfect solution as there’s nothing to remember. Since every account gets its own bespoke passkey, even if one of these services is hacked (as we’ve seen happen so often lately) there’s no risk to your other accounts.

This removes one of the biggest threats to online security: when users rely on the same email address and password combination for multiple online accounts. It only takes one of these websites to be breached for some of the most important online services that you rely upon, including online banking, email, and shopping sites with saved card details, to fall like dominoes. This common hack is known as credential stuffing, and it’s one of the reasons that fraudsters will spend money on leaked logins on the Dark Web.

Social engineering, which sees hackers correctly break into your profile by knowing real details about your life — mother’s maiden name, the street you grew up on, first pet, and the like — to pass the account recovery steps, isn’t possible with passkeys either.

How to use a passkey

If you find yourself on a website or app that supports passkeys — like X on iPhone — you’ll be able to create an account that forgoes an old-fashioned password. During the process, you’ll be asked to confirm your authenticator.

This is the service that will verify your identity. It can be a smartphone with biometrics, like Face ID or Touch ID on the iPhone, another mobile device, a laptop or desktop PC with Windows Hello, or a password manager. A number of the most popular password managers already support passkeys and will verify your identity and then autofill any login details on the website or app.

iPhone, Android, Windows 10, and Windows 11 have all been updated to support passkeys.

Most often, these unique codes will be encrypted and stored online, using a service like iCloud or Google Password Manager, so you can authenticate your login from multiple devices. It also has the benefit of ensuring that all of your login details will be waiting for you if you upgrade to a new phone, laptop, or tablet in the future.

Password managers like 1Password, LastPass, or NordPass will keep your passkey safely stored across devices. These services offer apps dozens of the most popular devices, from smartphones to web browsers, so you’ll always be able to login with a tap.

View Deal | Save 79% on password manager + data breach monitoring with SurfsharkView Deal | Save 54% on NordPass, with support for PasskeysView Deal | Get started with a free trial on LastPassView Deal | Get started with a free trial on 1Password

Some of these apps will rely on a single master password to secure your vault of login credentials, while others support fingerprint scanners and facial recognition.

Chrome, Edge, Safari and Firefox have all been updated to support passkeys. Just ensure you’re running Chrome version 79 or higher, version 13 or newer for Safari, and Firefox version 60 or more recent.

LATEST DEVELOPMENTS

Hidden cost of broadband from BT, Virgin Media, Sky and TalkTalkBBC iPlayer removes downloads from millions of laptops across UKiPhone owned by millions now ‘obsolete’ and using one will put you ‘at risk’Use Windows 10? Microsoft wants to charge you £337 to keep using it

Which websites and apps support Passkeys?

AdobeAmazonApple iCloudBitwardenBinanceCoinbaseDashlaneDocuSigneBayFreePrintsGitHubGoDaddyGoogleHancock.inkKAYAKLinkedInMicrosoft NintendoNvidiaOnlyFansPayPal (Mobile Apps Only)PlayStation (Sony Account)RobinhoodRobloxShopifyTikTok (iOS)UberVirgin MediaWebAuthn.ioWhatsAppWordPressX / Twitter (iOS)XboxYahoo!Yandex

Leave a Reply

Your email address will not be published. Required fields are marked *