Readers Digest
Magazine subscription Podcast
HomeLifestyleTechnology

Forgetting your password will soon be a thing of the past

BY James O'Malley

9th Feb 2023 Technology

Forgetting your password will soon be a thing of the past

Struggling to remember your password again? New tech called a "passkey" will soon make logging in easier and more secure, writes our tech expert James O'Malley

One of my favourite inventions in recent years is face unlocking. Without needing to remember a pin code, or arduously lift my fingers and type in the numbers, I can get straight into my phone with just a glance. And if anyone else picks it up and tries to meddle, they’ll be locked out.

It’s a really brilliant way of reducing the "friction" that comes with digital security. It means that my phone can remain safe and locked down when not in use, but without an annoying extra step to carry out during the approximately ten thousand times per day I pick up my phone.

"Major tech players are now on board with a new technology designed to replace the humble password called the 'passkey'"

But given this technology is so useful, the obvious question to ask is: what about everything else? Why do we still have to laboriously type in passwords when we log into almost every other website or app? Surely there’s a better way?

Well, I’m very happy to report that there is good news on the horizon.

Over the next few years, we can expect logins to get much less annoying, as all of the major tech players are now on board with a new technology designed to eventually replace the humble password called the “passkey”.

And that could mean that we do away with passwords altogether.

What is a passkey?

Hand using biometric technology to enter passkey on phonePasskeys make use of biometric technology to keep your data secure

The way passkeys work is by turning your phone into something a bit like a wallet, which you can use to store membership cards to all of your apps and services. When you need to log in to a website, you’ll just have to tap a button on your phone and your passkey wallet will flash the right credentials, letting you in without any fuss.

And even if you’re logging in to a device that doesn’t have access to your wallet, when you type in your email address, the website will send a message to your phone to check your credentials.

And how does it keep this virtual wallet safe? By using the same "biometric" check your phone uses—a face scan or a fingerprint that cannot easily be forged.

"Logging in with a passkey will actually be significantly more secure than typing a password"

Once passkeys are the norm, they won’t just save us from having to remember passwords but, perhaps counterintuitively, logging in with a passkey will actually be significantly more secure than typing a password.

This is because it takes advantage of a technology called “public key” cryptography, which is one of the building blocks of the internet—and is how computers have securely communicated with other computers for decades.

The way it works is by doing some very clever maths. Simply put, it works a bit like, well, a key, instead of a password.

With a password, the website has to ultimately contain a database of everyone’s passwords to check against when you login. But with a passkey, when you create your account on a website, it will effectively create a brand new padlock and key. The website will keep the padlock—and only your phone will have the key.

Why are passkeys more secure than passwords?

Passkey digital security padlock on phone screenEvery passkey is unique, which makes you less vulnerable to hackers

I think it’s a really clever idea, and that passkeys are going to make our digital lives even more secure, because they help guard against two common forms of digital attack.

First, it guards against data breaches—situations where hackers gain access to a database of passwords.

This is because, unlike most people who repeat their passwords, each passkey is unique (because we don’t have to worry about remembering them). This means that even if the pizza delivery place is hacked, it won't give away the same password that you use for your emails.

"Passkeys help guard against two common forms of digital attack"

 

And secondly, passkeys make things much harder for "phishing" scams—when a website tries to trick you into thinking that it is really your bank’s website or similar, so it can steal your login details.

These scams will no longer work as well, because passkeys have another mathematical trick up their sleeve: they’re always changing.

When you log in and your digital wallet has to send over an unlock code, the code it sends will only be valid for a few seconds at a time—so even if a hacker does gets hold of your key very briefly, 30 seconds later it will be rendered useless anyway.

So, next time you’re tutting in frustration that you can’t remember your password, don’t worry too much. It won’t always be like this!

Keep up with the top stories from Reader's Digest by subscribing to our weekly newsletter

*This post contains affiliate links, so we may earn a small commission when you make a purchase through links on our site at no additional cost to you.

This post contains affiliate links, so we may earn a small commission when you make a purchase through links on our site at no additional cost to you. Read our disclaimer

Loading up next...
Stories by email|Subscription
Readers Digest

Launched in 1922, Reader's Digest has built 100 years of trust with a loyal audience and has become the largest circulating magazine in the world

Readers Digest
Reader’s Digest is a member of the Independent Press Standards Organisation (which regulates the UK’s magazine and newspaper industry). We abide by the Editors’ Code of Practice and are committed to upholding the highest standards of journalism. If you think that we have not met those standards, please contact 0203 289 0940. If we are unable to resolve your complaint, or if you would like more information about IPSO or the Editors’ Code, contact IPSO on 0300 123 2220 or visit ipso.co.uk