Passkeys use cryptographic techniques and biometrics and aim to replace passwords for good.

Passkeys are designed to work in apps as easily as they do on the web.
Image: Apple

During its WWDC, Apple introduced the next version of macOS, codenamed Ventura, which includes a new privacy feature called Passkey, a digital key designed to help protect users from hackers by completely replacing a user’s passwords.

Privacy steps into the spotlight at WWDC

Passkey is Apple’s answer to the FIDO (Fast IDentity Online) authentication standard, which defines a fast and secure authentication mechanism for users to access websites and applications.

The system is embedded within Apple devices and uses cryptographic techniques combined with built-in TouchID and FaceID technology to lock a user’s credentials with biometrics. A passkey can be created by using both TouchID and FaceID for biometric authentication, and it can be synced with other Apple devices through iCloud Keychain.

Passkeys will work on both websites and within apps. They will stay within a user’s macOS or iOS devices and won’t ever be transmitted over the open web, according to the company. All sharing between Apple devices will be done over a user’s local network in an encrypted session.

SEE: How to always access your locked iOS device (TechRepublic)

“When users create a passkey, a unique digital key is created that only works for the site that was created,’’ and passkeys can’t be phished, said Darin Adler, vice president of internet technologies at Apple, who made the announcement at the keynote. “Since the passkey never leaves your devices, hackers can’t trick you into sharing on a fake website. And passkeys can’t be leaked because nothing secret is kept on a website.”

Adler claimed passkeys are more secure, easier to use and could eventually replace passwords for good. He also said passkeys are not as vulnerable to phishing and theft attempts because they are not stored in the cloud. Adler said passkeys are instantly available on the Mac, iPhone, iPad and Apple TV.

Passkeys will be compatible with non-Apple devices

Apple worked with members of the FIDO alliance, including Google and Microsoft, to ensure passkeys will work seamlessly across non-Apple devices as well, including the ability to use Passcodes via a QR code on the iPhone, Adler said.

SEE: Mobile device security policy (TechRepublic Premium)

The FIDO alliance said its authentication creates stronger security by removing many of the problems that stem from password-based authentication, and from authentication using traditional second steps.

Specifically, FIDO authentication uses public-key cryptography. FIDO also helps to ensure that the credentials aren’t shared with malicious parties or other parties that do not own the credential, according to the alliance. Public key cryptography reduces the threat of potential database breaches.

macOS Ventura is now available as a developer beta, and Apple plans a full release this fall.