Big Tech wants to kill the password, with “Passkeys” being the hot, new password replacement standard on the block. Passkeys are backed by Google, Apple, Microsoft, and the FIDO Alliance, so expect to see them everywhere soon. iOS picked up the standard in version 16, and now Google is launching passkey betas on Chrome and Android.

The Passkey standard just trades cryptographic keys with the website directly. There’s no need for a human to tell a password manager to generate, store, and recall a secret—that will all happen automatically, with way better secrets than what the old text box supported, and with uniqueness enforced. The downside is that, while every browser in the world supports showing that old text box, passkey support will need to be added to every web browser, every password manager, and every website. It’s going to be a long journey.

Not only that, there is also talk of it being locked to a mobile device, and what about those who move across all platforms like me having an Android as well as iPhone, and a Linux and Windows desktop? I make use of apps such as Authy and Bitwarden that sync and work across all my devices. I can’t use Apple’s Passkey as that only works on Apple devices, and Android’s one is not going to help me on Linux.

I just get this queezy feeling that Big Tech has been out to grab land as quickly as it could here for itself, and has not tried to really work openly with each other, and others, to create a truly portable solution. I want to make use of a solution that does not belong to any platform owner, and which I can use anywhere.

Problem is, Big Tech owns platforms and they end up being the majority voice. I really would have preferred cross-platform players to have had a louder voice.

See https://arstechnica.com/gadgets/2022/10/google-rolls-out-beta-passkey-support-for-chrome-and-android/

#technology #passkey #passwords #authentication #BigTech