Face ID and Touch ID – We all find passwords hard to remember, especially if we use a lot of online services and we try to keep different passwords for each one (which we recommend). We may eventually be able to forget about having to think of another password to join a new service.
Davidson demonstrates Apple’s new technology, which enables users to sign up for new online services using Face ID and Touch ID instead of a password, as part of the “Move beyond passwords” session at WWDC 2016.
It will be available in iOS 15 and macOS Monterey, and third-party services will be required to support it. The process of signing up for a new service is really simple. You can sign up for it with Face ID and Touch ID, and you don’t have to type in a password.
To create public and private cryptographic keys, the open WebAuthn standard is used in the background. Private keys are never sent to remote servers, unlike an encrypted password, which is used to establish your authenticity as a user.
Apple claims passkeys are so secure that they’re more secure than both a password and two-factor authentication combined. Also, passwords are more easily phished than passkeys since they are easily recovered. Additionally, they can be accessed on different Apple devices using iCloud, and they can also be found online.
Unfortunately, the feature is currently limited to only Apple devices, which is quite a limitation. CNET reports that Apple is working with partners to create a solution that will also work across other devices. Also, remember that passkeys, which will be a technology preview for developers to test, will be off by default with iCloud Keychain.