iOS 15 and macOS Monterey include tech that could eliminate passwords forever

Apple PassKey discussion from Move beyond passwords sessions at WWDC 2021
(Image credit: Apple)

The unbelievable quantity of passwords to manage along with the hackers who are endlessly trying to exploit them are irritating realities of modern life. However, a session at Apple's WWDC 2021 signals a potential solution to both.

The "Move beyond passwords" session by Garrett Davidson at WWDC 2021 highlighted a new feature found in both iOS 15 and macOS Monterey called "Passkeys in iCloud Keychain," which could be used in the future to allow for sign-in without the need for an underlying text-based password.

Garrett started with a brief discussion of what's wrong with passwords today. It's something that may sound familiar if you've read our recent two-factor authentication coverage including why you shouldn't use your phone for 2FA. While brute force hacks on passwords are a problem, it's the ease of phishing passwords, security questions, and/or phone numbers that makes these options so vulnerable. 

The WebAuthn standard the "Passkeys in iCloud Keychain" is based on circumvents this with a public/private key pairs system that maintains a private key on your device. It is never shared with the server and uses a public key that can be shared without fear of granting access to your account or data. 

Table listing authentication methods

(Image credit: Apple)

With Apple's method, this private key or Passkey could be tied to your Face ID or Touch ID, obviating the need for you to know a password at all. The one downside to Apple's version is that it only works within Apple hardware, which is not shocking, but unfortunate for those of us that work across multiple operating systems.

Apple is hardly alone in this; the WebAuthn standard has seen uptake from Google, Microsoft among many others and support continues to build. To be clear, we are still in the early days for this, Apple is merely opening it up to developers in preview, so if you have dreams of being password-free by 2023, you probably are going to have to wait a bit longer.

With that said, there are far too many major players invested in this notion due to both the enhanced security and ease of use for it to likely fail or stall out completely. It would be surprising if there isn't a meaningful rollout within the next five years.

H/T The Verge

Sean Riley

Sean Riley has been covering tech professionally for over a decade now. Most of that time was as a freelancer covering varied topics including phones, wearables, tablets, smart home devices, laptops, AR, VR, mobile payments, fintech, and more.  Sean is the resident mobile expert at Laptop Mag, specializing in phones and wearables, you'll find plenty of news, reviews, how-to, and opinion pieces on these subjects from him here. But Laptop Mag has also proven a perfect fit for that broad range of interests with reviews and news on the latest laptops, VR games, and computer accessories along with coverage on everything from NFTs to cybersecurity and more.