Checklist 347: Passkeys and Past Advice
Tech Giants Apple and Google Drive Shift from Passwords to Passkeys for Enhanced Security
In a bold move towards enhancing online security, tech behemoths Apple and Google have begun rolling out “passkeys” to replace traditional passwords for user authentication. This innovative approach promises not only heightened security but also increased convenience for users. The concept of passkeys was first introduced in 2022 as a means to revolutionize online security, and now, these tech giants are making significant strides in their implementation.
Apple’s Automatic Passkeys
Apple has made a substantial move in the passkey direction, with iOS 17 and macOS 14 Sonoma automatically generating Apple ID passkeys. This enables users to skip entering passwords on iCloud and Apple domains, relying instead on Face ID or Touch ID for authentication. Even more intriguing, passkeys are not limited to Apple devices; users can employ them on non-Apple devices by scanning a QR code presented during the sign-in process, invoking Face ID or Touch ID for secure access. While the transition from passwords to passkeys may seem unusual, Apple aims to make it a seamless and secure experience for users.
Google’s Push for Passkeys
Meanwhile, Google has announced a significant move by making passkeys the default login setting for Google accounts. Users are now prompted to create a passkey, which is faster and more secure than traditional passwords. While the “Skip password when possible” setting is on by default, those who prefer to retain their passwords can opt out. Google touts passkeys as being 40% faster and highly secure, encouraging their adoption across a wide range of its services, including YouTube, Search, and Maps. This shift has implications for various industries, as other major players like Uber and eBay have already enabled passkeys, offering users the option to abandon traditional passwords. WhatsApp is also planning to introduce passkey compatibility in the near future.
In the ever-evolving landscape of online security, the transition from passwords to passkeys is gaining momentum, with Apple and Google leading the way. As they embrace this change, it is likely to influence the broader tech industry’s approach to user authentication, setting the stage for a more secure and user-friendly online experience.
We Live Security Highlights Cybersecurity Risks and Offers Key Advice for a Safer Digital World
In an article coinciding with National Cybersecurity Awareness Month, We Live Security discusses the growing cybersecurity threats in the modern world and the importance of vigilance. The primary focus of the piece is on the factors contributing to our vulnerability to cyberthreats and offers key recommendations to bolster online security.
Social Media and Trust
The article highlights that social media’s global presence, with nearly five billion users, has become a breeding ground for scams and phishing links, often shared by friends or hackers who have compromised their accounts. People are more likely to trust content from their social circles, making them susceptible to scams.
Social Engineering Tactics
Cybercriminals and fraudsters often exploit human tendencies to trust those in positions of authority. They employ social engineering tactics in phishing messages to trick victims into divulging personal information, clicking malicious links, or downloading malware.
Mobile devices can be a significant distraction, making users more prone to clicking on phishing links and downloading malware while on the go.
Vulnerabilities in Smart Technology
We Live Security warns that connected and digital smart devices can be hacked, allowing attackers to launch attacks and potentially breach home networks, jeopardizing personal information and online accounts.
The article acknowledges that humans are prone to making mistakes, emphasizing the need for vigilance and cybersecurity education.
Responsibility for Sensitive Data
While organizations should safeguard sensitive information, data breaches can still occur. Therefore, individuals are urged to follow essential cybersecurity practices.
- Use strong and unique passwords, and consider a password manager to enhance security.|
- Enable two-factor authentication (2FA) wherever possible to protect against password theft.
- Recognize and report phishing attempts to prevent cyberattacks.
- Regularly update software and enable automatic updates to ensure the highest level of security.