Users of Apple’s latest devices have just been handed a security and convenience boost, meaning they can ditch passwords for the company’s websites now.
If you have a new iPhone running the latest iOS 17, an iPad with iPadOS 17, or a Mac with macOS Sonoma, then Face ID and Touch ID alone can be used to authenticate your login to sites like icloud.com and apple.com – no need to enter your password.
The news follows hot on the heels of Google’s recent announcement that passkeys will become the default way for users to login to their Google accounts. It seems that finally, passkeys are starting to fulfil their promise of replacing passwords for good.
Passkeys rely on a set of cryptographic keys, one public and one private. The former is stored in the cloud of the service you are trying to login to, and the latter is stored on your device. No one knows what this one is – not even the user. For this reason, passkeys are believed to be phishing resistant.
All that is needed to authenticate the use of a passkey is whatever you use to lock your device, such as your fingerprint, face or PIN. Since many people often use these to lock the use of their saved passwords anyway, passkeys effectively eliminate the need for this extra password step.
On Apple sites, users should look out for the Sign in with iPhone button once they have entered their Apple ID email address on the login page. A QR code then appears, which once scanned with your iOS 17 iPhone, lets you authenticate your login with your Face ID or Touch ID alone.
Apple claims that passkeys “profoundly improve security,” and it’s are not alone in this belief. Passkeys are governed by the FIDO Alliance, a cross-industry association upon which Apple, Google, Microsoft, and others, all sit as board-level members.
Apple was one of the first big names to support passkeys, and now it is pushing forward further still with this new implementation. There are fears, however, that using passkeys can lock users in to the ecosystems of big tech, since they are not cross-platform.
However, if you use a third-party password manager that supports passkeys – as many are starting to now – then you can save your passkeys to these instead, allowing you to use them across a variety of platforms.