Apple replaces passwords with passkeys for iOS 17, iPadOS 17 and macOS Sonoma users

Remembering a password is about to become a thing of the past for users who run iOS 17, iPadOS 17 and macOS Sonoma who will be assigned a passkey which can be used to sign in to their Apple ID on the web.

With this passkey, users will be able to sign into any Apple web property using Face ID or Touch ID instead of a password.

A passkey is a unique digital key generated and stored on the secure enclave of your iPhone, iPad or Mac.

This takes the place of a password which had to be long and complicated for greater security.

Once the digital key is generated it then needs a biometric verification which will be either Face ID or Touch ID before you can access your account.

This acts like a two-factor authentication.
There are already a number of websites including eBay and PayPal that accept passkeys as a way to sign into your account.

Now what’s different here is the fact that the digital key resides on your device rather than on an outside web server.

The other benefit apart from you not having to remember a password is your data is on your device rather than on a company’s server.

So if a particular company suffers a data breach, they will not have access to the unique and encrypted digital key.

And with a digital key instead of a password, cyber criminals can’t trick you into sharing it through a phishing email that may be posing as your bank or telco or utility company.

The digital passkeys will be backed up securely in the iCloud Keychain so if you were to attempt to log in to the same account on your Mac, iPhone, iPad and Apple TV – all you would need is your Touch ID or Face ID to verify it’s you and access it.

It’s also possible to log into a website with Passkeys on a non-Apple device using just your iPhone.

The site generates a QR code which can be scanned by your iPhone before you verify it with your Touch ID or Face ID.

Google and Microsoft are supporting this new authentication standard on their respective platforms after it was endorsed by the FIDO Alliance and the World Wide Web Consortium.