On June 8, at the global Developers Conference (WWDC) held on Tuesday local time in the United States, Apple announced that it would realize real password free login for the first time. How did it do that? The company explained that it would use passkey in IOS 16 and MacOS Ventura apps and websites, and use touch ID or face ID for authentication.
Over the years, many companies have promised to provide more secure, password free login solutions, and 2022 may be the beginning of keeping people away from passwords. At this year's global developer conference, Apple announced that it would start to launch the Mac and iphone、iPad And Apple TV. On IOS 16 and MacOS Ventura, people will no longer use passwords, but use passkey to log in to websites and apps. This is the first major change in the real world to eliminate passwords.
So how did apple do it? Darin Adler, vice president of Internet technology of the company, explained on WWDC that passkey uses touch ID or face ID to create a new digital key to replace the password. When users create online accounts on the website, they can use passkey instead of password. Adler said, "to create a passkey, just use touch ID or face ID for authentication."
When a user logs in to the website again, passkey allows him to authenticate by using biometric information without entering a password (or let the password manager generate a new password). When you log in to the website on the Mac, you will be prompted on the iPhone or iPad to verify your identity. Apple said that passkey will use icloud's Keychain to synchronize on the device, and passkey will be stored on the user's device, not on the server.
Behind the scenes, apple passkey is developed based on the web authentication API (webauthn) and supports end-to-end encryption, so no one can read them, including apple itself. The system that creates the passkey uses the public key private key identity system to prove the user's identity.
For most people, the password free system will be a great progress in the field of network security. In addition to eliminating passwords that may be cracked, not using passwords can also help reduce the risk of phishing attacks. Moreover, if the password does not exist, it will not be stolen in the event of data leakage. At present, although some applications and websites already allow people to log in using fingerprint or facial recognition, this usually requires them to create an account with a password first.
Apple's passkey is not a new invention. The company introduced them in detail for the first time on WWDC in 2021 and began testing them soon. And apple is not the only company that wants to eliminate passwords. Over the past decade, the Fido alliance, a technology industry organization, has also been working to develop the basic standards required to eliminate passwords, and passkey is Apple's initiative to support these standards.
In recent months, Fido has taken a series of important measures to accelerate the elimination of passwords. In March this year, the organization has found a way to store the encryption key for synchronous login between different devices, which is called "multi device Fido certificate" or "passkey".
Apple, Microsoft and Google all announced their support for the Fido standard. Jeneasterly, director of the US Bureau of cyber security and infrastructure security, said that the adoption of these standards would ensure the cyber security of more people. At that time, the three technology giants said that they would begin to launch this technology "in the next year". Since September last year, Microsoft's user accounts have been able to give up passwords, and Google has been studying password free login technology since 2008.
When all technology companies have launched their own versions of passkey, the system should be able to run on different devices. In theory, users can log in to run [windows] with iPhone( https://microsoft.pvxt.net/x9Vg1 ) Or use Android Tablet to log in to the website in Microsoft edge browser. Andrew shikiar, executive director of Fido, said: "all the specifications of Fido are jointly developed with the participation of hundreds of companies."
Hicchial has confirmed that apple is the first company to launch passkey technology, and said that "this method will soon have a real impact on global consumers". To realize password free login, it depends on the performance of passkey technology in reality. At present, if you want to abandon the apple ecosystem and use Android or other platforms, what will happen to passkey is still an open question. Developers still need to make changes to their apps and websites to use passkey.
In addition, in order to gain people's trust, people must first understand its operation. Alex Simons, head of Microsoft identity management project, said: "any feasible solution must be more secure, easier and faster than the password and traditional multiple authentication methods currently used." In short: if cross device login systems are difficult to use, people may avoid them and continue to use dangerous but convenient passwords. (small)