Ad Image

Delete Your Passwords: The Passkey Adoption Trend Amongst Today’s Tech Giants

The Passkey Adoption Trend Amongst Today’s Tech Giants

The Passkey Adoption Trend Amongst Today’s Tech Giants

Will LaSala, the Field CTO at OneSpan, explains why passkey adoption remains a dominant trend in the tech markets. This article originally appeared in Insight Jam, an enterprise IT community that enables human conversation on AI.

Insight JamThe transition from traditional passwords to passkeys represents a pivotal shift in digital security practices. Over the years, there have been endless cyber-attacks due to conventional password methods—from static and knowledge-based passwords to dynamic and one-time passwords. These incidents highlight the critical need for organizations to prioritize advanced security measures, and the solution lies in the passkey.

Tech giants like Apple, Google, and Microsoft have embraced this movement and recognize passkeys’ ability to provide stronger authentication and mitigate common vulnerabilities associated with traditional password systems. For example, in under a year, passkeys have been utilized for authentication over 1 billion times across more than 400 million Google accounts to eliminate threats like phishing. This evolution enhances security measures and marks a significant step towards more robust protection against cyber threats in today’s interconnected world.

It’s clear that passkeys are the future, and any business still using outdated password methods is putting its company—and every employee—at risk. It’s time to follow suit and embrace the passkey trend like our big tech leaders.

The Password Problem in the Modern Age

Given the rise of remote work and the growing sophistication of threats brought on by artificial intelligence (AI), security has never been more critical for businesses. With employees operating from different locations across the globe, a vast amount of sensitive information is now accessible online, and threat actors are taking full advantage.

AI has enabled more complex and personalized security threats, heightening vulnerabilities and necessitating the evolution of passwordless authentication to ensure robust protection. With 80 percent of confirmed breaches related to stolen, weak, or reused passwords, the imperative to shift towards using cryptographic methods is clear.

Social engineering attacks, in particular, have sparked the need to revamp password practices. Criminals will use social engineering tactics, such as phishing, to their advantage to obtain personally identifiable information (PII), as it is often easier to manipulate people’s trust rather than hack someone’s password. While concerning, the rise of AI has accelerated social engineering attacks to unprecedented levels.

Using AI for malicious intent, social engineers craft campaigns that seem more human-like and will make users drop their guard to give away sensitive information. AI also helps threat actors analyze large data sets and pick out patterns, which can be used to tell attackers exactly when and how to attack.

It’s clear that one of the significant challenges with outdated password methods is that they can be easily exploited, as many users choose overtly simple ones to help them remember or use personal information that can easily be discovered through a Google search. People also often reuse the same passwords for multiple accounts, ranging from personal banking to work emails, so if these passwords appear in a data breach, it could lead to disastrous repercussions. On top of this, AI can now generate and test thousands of password combinations in seconds, making it easier for attackers to breach accounts. Between the lack of complexity within traditional password methods and the rise of AI, the risk of exploitation has increased significantly.

Embracing FIDO Authentication

One of the strongest forms of passwordless authentication available today is Fast Identity Online (FIDO) authentication, and passkeys are an extension of the FIDO Webauthn specification. FIDO authentication enhances security and privacy and boosts convenience, scalability, and interoperability, allowing all users, employees, or customers to log in using methods like biometrics and pins. Unlike traditional password-based systems, FIDO manages credentials using public key infrastructure (PKI). This approach ensures that each website’s cryptographic login credentials are unique, enhancing security.

FIDO authentication is also highly convenient for users. It simplifies the authentication process through built-in methods, such as fingerprint readers, facial recognition, or FIDO security keys tailored to individual preferences. This eliminates the need to remember complex passwords and unnecessary risk. Case in point, a passkey can be a versatile authentication solution for consumers and businesses alike, as they are supported by a growing number of online services and platforms companies leverage every day.

As of 2024, FIDO passkeys are now supported by 20 percent of the world’s top 100 websites and are accessible on billions of devices globally. For instance, enabling FIDO on websites is simple and involves just a basic JavaScript API call. Thanks to their open specifications, FIDO passkeys are also easy to implement in web browsers and are integrated into most major browsers as a native JavaScript API. Additionally, these passkeys can be deployed across a broad range of popular applications, including Android and iOS, as well as operating systems like Windows and macOS.

The Growing Passkey Trend

Adopting passkeys provides several advantages over traditional passwords that help companies stay safe. While private keys play a crucial role in safeguarding login credentials, protection extends to guarding against modern threats like phishing, credential theft, password breaches, credential stuffing, and sophisticated AI-driven attacks. Additionally, passkeys offer protection against Man-in-the-Middle (MITM) attacks by transmitting only the public encryption key to the website while keeping the private key securely on the user’s device.

This is why leading tech giants have embraced the passkey trend. Apple now uses biometric authentication across their devices, such as facial recognition and touch ID, to offer a more seamless login experience. Google advocates for a passwordless environment through FIDO2-based authentication, championing services such as Google Smart Lock to bolster security and diminish reliance on passwords. Meanwhile, Microsoft has introduced Windows Hello, enabling users to authenticate using biometrics, such as fingerprints, facial recognition, and hardware passkeys. It’s clear today’s tech giants are shaping the future of cybersecurity and setting the standard for enhanced security practices today and beyond.

The Shift is Here to Stay

In today’s world, where complex cyber threats are running rampant, the time has come to move on from traditional authentication methods. A passkey offers a streamlined and secure alternative to easily compromised passwords, improving user experience and organizational security.

Embracing passkeys—from small businesses to the most renowned tech giants—is crucial in safeguarding against evolving cyber threats today and fostering trust in authentication methods for tomorrow.


Share This

Related Posts