Apple can now automatically log you in on your devices without a password
Apple is embracing passkeys.
The tech giant has announced that with the launch of iOS 17, iPadOS 17, and macOS Sonoma, users will no longer have to enter their password on icloud.com and apple.com domains. (Passkeys will be automatically assigned when users upgrade.)
Apple says Apple ID passkey support will also be available for third-party apps and websites that utilize the “Sign in with Apple” feature.
Want an early look at the feature? It’s available now to anyone who’s testing out the beta versions of the operating systems. (Just remember that downloading a beta operating system could cause other issues as bugs are being worked out.)
Passkeys have been touted as a replacement for passwords. By using your fingerprint or a scan of your face, you’re automatically logged into an app or website (once you approve the request). Basically, it’s using your device to prove that you’re really you.
They work by generating a pair of keys — one public, which is stored on the cloud, and one private, which is stored on the device. That way, if a server is compromised, accounts are still protected as the hacker won’t have both sets of keys.
Proponents of the technology say it’s a much more secure option since too many people opt for simple passwords or utilize the same ones on multiple websites. And even fewer use two-factor authentication.
Passkeys are more secure, in that they require authentication for every user, every time they’re used. In other words, you don’t stay logged in—since logging in again takes virtually no time. And the encryption on them is different for each site, which makes it harder for hackers to use them as a backdoor into your account.
Skeptics, though, note that by doing away with passwords, large companies like Apple have a bigger opportunity to incorporate you into their ecosystems, giving them an even deeper knowledge of your digital habits. And should one of those tech giants merge with another company—or go out of business at some point (admittedly, something that’s rather unthinkable today, but people once thought that about A&P supermarkets and Compaq computers)—there are notable privacy concerns.
Apple’s inclusion of passkeys is a bit of catch-up. Google launched passkey support on May 5 2022 for standard Google accounts. Microsoft also offers the technology (though it utilizes alternate phrasing, such as “Windows Hello” or “security key”).
Even websites and password managers have embraced passkeys. Travel site Kayak has let users set them up for months, while still supporting usernames and passwords. And 1Password is currently offering early access to a version of its manager that includes passkeys, which can be used on any device.
Passkey technology is still in its early stages, though. And the number of websites that support them is fairly small.
Apple fully committing to passkeys could speed up adoption, though, just as many more businesses began taking phone-based payments with the launch of Apple Pay.
(22)