\nAnd we agree. If there is a cybersecurity themed day that we would like to get rid as soon as possible it\u2019s world password day. Sorry, old friend, but you\u2019re outdated, and it looks like your days are numbered. Let’s switch to passkeys.<\/p>\n
To quote Microsoft:<\/p>\n
> \u201cAs the world shifts from passwords to passkeys, we\u2019re excited to join the FIDO Alliance in leaving World Password Day behind to celebrate the very first World Passkey Day.\u201d<\/p>\n
In 2013, Intel introduced World Password Day to remind people of the importance of strong passwords. But over time, the number of passwords we use, and the necessary strengths have grown so much that the system has become practically unusable without a password manager. So, only a few years later, Microsoft introduced Windows Hello, a new way for users to securely sign in to their accounts with their face, fingerprint, or PIN.<\/p>\n
For several good reasons we want to say goodbye to passwords, especially for the important sites and services. Passwords are:<\/p>\n
* Hard to create
* Easy to forget
* Often reused across sites
* Vulnerable to hacking techniques like brute-force attacks and phishing.<\/p>\n
## The alternative: passkeys<\/p>\n
Passkeys are an alternative, more modern authentication method designed to replace passwords with a safer, simpler alternative. Despite their clear advantages, many people hesitate to switch to passkeys due to unfamiliarity and misconceptions. This blog post will try to explain what passkeys are, how to use them, and why they are better than passwords, helping you embrace this next step in online security.<\/p>\n
A passkey is a digital credential that replaces traditional passwords by using cryptographic keys stored locally, and securely, on your device, such as your phone or computer.<\/p>\n
At your demand, a program on your device will create a passkey automatically when you set up an account or enable a passkey login. Basically, it\u2019s a unique key that identifies you without ever leaving your device. <\/p>\n
When you log in with a passkey, your device proves you are the legitimate user by using the passkey to solve a challenge without actually providing the passkey itself. As with passwords, it\u2019s a way to prove you know the answer and with that who you are. But the difference is that, unlike passwords, passkeys can\u2019t be stolen by fake or malicious websites.<\/p>\n
OK. I heard some sighs in the back from the I-know-this-already crowd. There are plenty of technical explanations to be found. Feel free to try explaining cryptographic public and private keys to the people you do tech support for.<\/p>\n
Because passkeys are tied to your device and cannot be shared or stolen like passwords, they offer a safer login experience.<\/p>\n
## It\u2019s not hard to use passkeys. Really!<\/p>\n
Using passkeys is straightforward and really not that hard:<\/p>\n
* **Create a passkey:** When you sign up or log into a website or app that supports passkeys, the system prompts you to create one. Your device automatically generates the cryptographic keys. This means there is truly no need to struggle with inventing a complicated 12-character password that meets confusing requirements for a site you might never use again. Your device does _all the work_.
* **Log in:** Instead of typing a password, unlock your device using biometrics or a PIN. Your device then securely verifies your identity and tells the site or service it can trust you, without ever sending sensitive secrets over the internet.
* **Sync across devices:** You can securely sync passkeys across your devices using encrypted cloud services or password managers. This lets you log in effortlessly from multiple devices and prevents the hassle of losing access if your device goes missing.<\/p>\n
Having to create and memorize hundreds of complex, unique passwords is difficult and stressful. Passkeys remove this burden entirely. You don\u2019t need to create anything or remember a lot. The authentication process is as simple as unlocking your device.<\/p>\n
And it\u2019s faster. Microsoft has seen that on average passkey sign-ins to their services take only 8 seconds, compared with 69 seconds to sign in using a traditional password and second factor. <\/p>\n
## Common misconceptions<\/p>\n
Many people shy away from using passkeys for the wrong reasons.<\/p>\n
* Your biometrics, like fingerprints or facial scans are not stored externally, the site you\u2019re visiting never gets to see them. They are just meant for your device to verify it\u2019s really you.
* Using passkeys is not complicated as we explained above. Sure, the theory behind it is, but the user-experience may actually be simpler than password creation and management.
* You are not losing the extra layer of 2FA security you set up for important sites and services. Passkeys inherently support two-factor authentication (2FA) without extra steps, since possession of your device plus biometric or PIN verification is required.<\/p>\n
## There are downsides<\/p>\n
I have to be honest here. Some things are not ideal yet. But as we move forward and more people start using passkeys, these will improve soon enough.<\/p>\n
As I hinted earlier, losing your device can pose a problem, since your key got lost along with it, unless you synchronize it. This is a problem that\u2019s actively being worked on.<\/p>\n
Many websites and services also don\u2019t support passkeys yet. Developers and service providers are actively working to make passkey adoption smoother and more widespread, so you will see more websites and apps supporting passkeys soon.<\/p>\n
Not every passkey system is equal. Due to the history of their development which is still ongoing, there are currently multiple flavors of passkey. These range from device-bound and physical token passkeys (that never leave the device) to synchronized passkeys that offer the option to use a device\u2019s Credential Manager to back up and synchronize passkeys across the user\u2019s other devices. This can confuse or frustrate users who just want the authentication to work, without having to worry about the nuances of the underlying technology. Industry groups (including the FIDO Alliance and W3C) are working on standards, guides, and tools to improve this situation for developers and users.<\/p>\n
## Give it a try<\/p>\n
It doesn\u2019t take a lot of effort to convince yourself of the benefits of passkeys. <\/p>\n
Passkeys are created on, saved to, and synchronized across devices through a password manager. For example, passkeys created on a website on Chrome on Android are stored to the Google Password Manager by default, and then synchronized to different environments where Google Password Manager is available, such as Chrome on macOS, Windows, Linux, and ChromeOS. It’s up to the user which password manager to store a passkey to or to authenticate a passkey from depending on the environment. <\/p>\n
To save a passkey to Google Password Manager, ensure you’re signed into your Google Account on an eligible device (Android, Chrome, or other supported platforms). When prompted by a website supporting passkeys, agree to create a passkey and follow the on-screen instructions. <\/p>\n
MacOS allows you to save passkeys either in Google Password Manager or iCloud Keychain if you’re using macOS 13.5 or higher.<\/p>\n
* **Try passkeys today:** Look for websites and apps that offer passkey login options and give them a try. You\u2019ll likely find the experience faster and easier than passwords.
* **Educate yourself and others:** Share what you learn about passkeys with friends and family, especially those who find passwords confusing or frustrating.
* **Advocate for passkey support:** Encourage your favorite sites and services to support passkeys to help make the internet safer for everyone.
* **Use secure device authentication:** Enable biometrics or PINs on your devices to fully benefit from passkey security.<\/p>\n
* * *<\/p>\n
**We don\u2019t just report on phone security\u2014we provide it**<\/p>\n
Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.\n<\/p><\/div>\n
View Advisory Details<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"Security Update News Update Information Title On world password day, Microsoft says fewer passwords, more passkeys Update ID MALWAREBYTES:FF87BA50544CB1D0F0A5FB437F3C84A9 Type malwarebytes Published 2025-05-02T16:07:44 Last Updated…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,34,12,115,13,33,7,11,5],"class_list":["post-3029","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-cvss-00","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n
On world password day, Microsoft says fewer passwords, more passkeys - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=3029\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"On world password day, Microsoft says fewer passwords, more passkeys - zero redgem\" \/>\n<meta property=\"og:description\" content=\"Security Update News Update Information Title On world password day, Microsoft says fewer passwords, more passkeys Update ID MALWAREBYTES:FF87BA50544CB1D0F0A5FB437F3C84A9 Type malwarebytes Published 2025-05-02T16:07:44 Last Updated...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=3029\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-05T15:33:27+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3029#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3029\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"On world password day, Microsoft says fewer passwords, more passkeys\",\"datePublished\":\"2025-05-05T15:33:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3029\"},\"wordCount\":1352,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-0.0\",\"exploit\",\"malwarebytes\",\"news\",\"NONE\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_news\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=3029#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3029\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3029\",\"name\":\"On world password day, Microsoft says fewer passwords, more passkeys - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-05-05T15:33:27+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3029#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=3029\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3029#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"On world password day, Microsoft says fewer passwords, more passkeys\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"On world password day, Microsoft says fewer passwords, more passkeys - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=3029","og_locale":"en_US","og_type":"article","og_title":"On world password day, Microsoft says fewer passwords, more passkeys - zero redgem","og_description":"Security Update News Update Information Title On world password day, Microsoft says fewer passwords, more passkeys Update ID MALWAREBYTES:FF87BA50544CB1D0F0A5FB437F3C84A9 Type malwarebytes Published 2025-05-02T16:07:44 Last Updated...","og_url":"https:\/\/zero.redgem.net\/?p=3029","og_site_name":"zero redgem","article_published_time":"2025-05-05T15:33:27+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=3029#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=3029"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"On world password day, Microsoft says fewer passwords, more passkeys","datePublished":"2025-05-05T15:33:27+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=3029"},"wordCount":1352,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-0.0","exploit","malwarebytes","news","NONE","Security","tapic","Vulnerability"],"articleSection":["category_news"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=3029#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=3029","url":"https:\/\/zero.redgem.net\/?p=3029","name":"On world password day, Microsoft says fewer passwords, more passkeys - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-05-05T15:33:27+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=3029#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=3029"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=3029#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"On world password day, Microsoft says fewer passwords, more passkeys"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/3029","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3029"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/3029\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3029"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3029"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3029"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}