WIRED readers have also asked about Apple's macOS password manager, which syncs through iCloud and has some nice integrations with Apple's Safari web browser.
There's nothing wrong with Apple's system.
I have used Keychain Access on Macs in the past, and it works great.
It doesn't have some of the nice extras you get with dedicated services, but it handles securing your passwords and syncing them between Apple devices.
The main problem is that if you have any non-Apple devices, you won't be able to sync your passwords to them.
A concerted effort to get rid of passwords began roughly two days after the password was invented.
Passwords are a pain-you'll get no argument here-but we don't see them going away in the foreseeable future.
The latest effort to eliminate the password comes from the FIDO Alliance, an industry group aimed at standardizing authentication methods online.
Apple has implemented the FIDO protocols in what the company calls passkeys.
Passkeys are generated cryptographic keys managed by your device.
Apple will store them in iCloud's Keychain so they're synced across devices, and they work in Apple's Safari web browser.
Passkeys have been available since iOS 16 and macOS Ventura, but there are some limitations.
Websites and services need to support the FIDO Alliance's protocols, which, at the moment, most don't.
Google has already rolled out Passkey support in Android and Chrome.
Passkeys will eventually also function with systems by Microsoft, Meta, and Amazon.
Since Passkeys are generated key pairs instead of passwords, there's nothing to remember.
If you are familiar with GPG keys, they're somewhat similar in that there's a public and private key; the website you want to log in to has a public key and sends it to your device.
Your device compares that to the private key it has and you're signed in.
If millions of people suddenly stop using 12345678 as a password, that's a win for security.
This Cyber News was published on www.wired.com. Publication date: Tue, 05 Dec 2023 14:43:06 +0000