CyberHappenings logo

Track cybersecurity events as they unfold. Sourced timelines, daily updates. Fast, privacy‑respecting. No ads, no tracking.

Adoption and Security of Passkeys in Passwordless Authentication

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

Passkeys, a form of passwordless authentication based on public key cryptography, are gaining traction as a more secure alternative to traditional passwords. They are increasingly adopted by major organizations, including Microsoft and Aflac, due to their enhanced security and user convenience. However, passkeys come with challenges such as device dependency, complex setup, and limited compatibility with legacy systems. Passkeys use a key pair: a public key stored by the service and a private key that stays on the user's device. This method prevents phishing, brute force, and dictionary attacks, as the private key never leaves the device. Even if a database is breached, the public keys are useless without the corresponding private key. Despite their advantages, passkeys face barriers like complexity, costs, and lack of clarity. Organizations may need to run hybrid models during the transition, maintaining strong password hygiene where passkeys are not yet feasible.

Timeline

  1. 25.09.2025 17:02 1 articles · 4d ago

    Microsoft Adopts Passkeys in May 2025

    Microsoft made a significant move in May 2025 by going 'passwordless by default' for all new accounts. Users authenticate with passkeys, push notifications, or hardware security keys, with nearly 1 million passkeys registered daily and a 98% login success rate. This shift highlights the growing adoption of passkeys in high-security environments.

    Show sources

Information Snippets