Passkeys are an alternative to traditional passwords that offers users advantages in both security and convenience. Designed to replace passwords as the next generation of authentication, they have several security advantages:
- Phishing Resistant: Passkeys are cryptographically tied to the website or application they are created for; they will not work on a fake phishing website and cannot be stolen by an attacker.
- Data Breaches: Since passkeys use public key cryptography they are more secure…in a nutshell:
  - Websites/applications store a public key
  - Your device stores a private key
  - If the website/application is hacked, the public keys are useless because the corresponding private key remains private on your device
- Always Strong, Always Unique: Passkeys are system-generated cryptographic keys, so they are always long, complex, and unique for every account. This eliminates the risk of using weak, guessable, or reused passwords across multiple accounts.
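
The list above in miniature, as an added example that is not part of the original page: a simplified Node.js model of a passkey login (not the real WebAuthn message format) in which the site stores only a public key and the device signs the site's challenge together with the origin it sees. The function names and the two origins are assumptions made for the illustration.

```javascript
// Simplified model of a passkey login; real WebAuthn messages carry more fields.
const nodeCrypto = require('node:crypto');

// Registration: the device makes a key pair for one origin; the site keeps only the public key.
function registerPasskey(origin) {
  const { publicKey, privateKey } =
    nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return {
    device: { origin, privateKey },       // never leaves the user's device
    serverRecord: { origin, publicKey },  // all that a breach of the site exposes
  };
}

// Device: sign the challenge together with the origin the browser is really on.
function deviceSign(device, seenOrigin, challenge) {
  if (seenOrigin !== device.origin) return null; // no passkey for this origin
  const clientData = JSON.stringify({
    origin: seenOrigin,
    challenge: challenge.toString('base64url'),
  });
  const signature = nodeCrypto.sign('sha256', Buffer.from(clientData), device.privateKey);
  return { clientData, signature };
}

// Site: accept only a valid signature over its own origin and the challenge it just issued.
function serverVerify(serverRecord, issuedChallenge, assertion) {
  if (!assertion) return false;
  const data = JSON.parse(assertion.clientData);
  if (data.origin !== serverRecord.origin) return false;
  if (data.challenge !== issuedChallenge.toString('base64url')) return false;
  return nodeCrypto.verify('sha256', Buffer.from(assertion.clientData),
    serverRecord.publicKey, assertion.signature);
}

function demo() {
  const site = 'https://portal.example';           // constructed origins
  const lookalike = 'https://portal-example.test';
  const { device, serverRecord } = registerPasskey(site);
  const challenge = nodeCrypto.randomBytes(32);
  const otherKey = registerPasskey(site).device;   // a key pair the site never registered
  return {
    genuine: serverVerify(serverRecord, challenge, deviceSign(device, site, challenge)),
    lookalikeSite: serverVerify(serverRecord, challenge, deviceSign(device, lookalike, challenge)),
    publicKeyOnly: serverVerify(serverRecord, challenge, deviceSign(otherKey, site, challenge)),
  };
}

console.log(demo());
```

Only the genuine login verifies; the lookalike origin gets no signature at all, and knowing the stored public key is not enough to produce one.
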
There are a number of convenience advantages to using passkeys in lieu of traditional passwords:
- No More Memorization: You don't have to create, remember, or type a complex string of characters
- Seamless Login: You typically log in using your device's built-in authentication, such as a fingerprint, face scan, or PIN; much faster and simpler than entering a password
- Cross-Device Sync: Passkeys can often be synced securely across your devices (e.g., iCloud Keychain, Google Password Manager, or other passkey/password managers), allowing you to use them on multiple platforms
While passkeys are rapidly being adopted by major platforms, they are still relatively new, and not every website or application supports them yet. Today, a number of the cloud solutions offered by the Colorado Statewide Internet Portal Authority support the use of passkeys, such as Google Workspace, Docusign and Microsoft 365.