What are passkeys, and why are Apple and Google offering passkey support lately? How do these keys relate to traditional logins and passwords? Here are other texts from the cybersecurity cycle. Read carefully and stay safe online!
Account login security is the biggest weakness that CyberSec wants to fight. As shocking as it sounds, a password leak or a poor password policy accounts for 81% of all data breaches in companies. That is why technology giants such as Apple and Google started to promote passkey support. It’s time to take a closer look at them.
Passkeys And CyberSec: These Data Will Shock You
Data from the 2018 report (1) stated that 81% of all company data breaches are due to a leaked password or weak password policy. A lot of employees used the same passwords everywhere (59%), according to Trace Security(2), and NCSC in the UK found that mostly used password was ‘123456’ among all the breached passwords (3). Yes – that was then, and we are in the future.
We know that 82% of breaches involve human elements currently, including social attacks, errors, and misuse. It was 85% the year before, so yes, we are making slow progress.
Mainly concerning our traders will be the DBIR 2022 reports part about financial insurance. This sector is still targeted primarily through social engineering (phishing), malware (ransomware – which rose y/y for 13% of all attacks), and, guess what – stolen credentials. The funny part of this section is the main reason finances are attacked…
We know companies keep training security awareness for users and employees, and it’s slowly paying back. But still, we shall understand that ‘human error’ means that it most probably indicates a problem with a password (whether it leaked, was reused, or is easy to guess).
Google Passkey – Chrome Rides with Passkey Support
At SimpleFX, we look at security with the most profound concern that there will be returning posts about how to keep your stuff (and, of course, money safe). Most current internet content is served using Google Chrome browser– most of our traders also use it. So we think posting news about this web browser is a good idea. Please remember that we don’t favor any of them and use all browsers across our company.
Yet this new feature is worth giving a try. For about a week, Google has offered Chrome (and Android) users passkey support for developers and some testers. The 2018 report1 stated that 81% of all company data breaches are due to a leaked password or weak password policy.
My Opinion About the Passkeys And CyberSec
So what option do we have? The relation between passkeys And CyberSec is clear, so it is time to make the password go by. Yes, that’s something we were always taught – long passwords, never reuse, never too simple, complex/easy to remember, unique signs, numbers, and small/big letters. Well, that’s all true, but still, it’s pretty much hard to implement.
Yes, there are password managers, but for a typical user, they are kind of annoying and don’t work like they should all the time (i know, I use them and have to reload a browser and close/open tabs to load a plugin properly).
Big companies know about it all, and still, they are breached, so yes, they also see the problem – passwords. That is the point where Passkeys come in (4). That’s an excellent idea showing you don’t have to enter passwords and don’t need to remember them because they don’t exist.
Technical data is for the lurkers, but for most of us who don’t care how it will work, it’s pretty much as simple as:
- install Google Password Manager
- confirm passkey account
- press fingerprint, face, or draw a sign on their screen to log in to the desired service using your account.
Microsoft and Apple Passkey: Additional Information
Apple and Microsoft also implement passwordless ideas, so yes – it’s the future we want to be a part of, and we encourage you, traders, to go in the cybersecurity direction. You can find some more info about Edges Passwordless and Microsoft on the Windows blog(5), and on the guide for Apple, you can read more about Apple Passkeys for iOS 16 (6).
So yes, it seems like the future will be passless at last.
——–
- https://www.verizon.com/business/resources/reports/dbir/
- https://www.tracesecurity.com/blog/articles/weak-passwords-cause-data-breaches
- https://www.bbc.com/news/technology-47974583
- https://android-developers.googleblog.com/2022/10/bringing-passkeys-to-android-and-chrome.html?m=1
- https://blogs.windows.com/windowsexperience/2021/09/15/microsoft-announces-passwordless-future-available-across-microsoft-edge-and-microsoft-365-apps/
- https://developer.apple.com/passkeys/