Goodbye Passwords, Hello Passkeys

The ever-growing threat of sophisticated phishing attacks and massive data breaches linked to password security has put more focus on the need for new authentication solutions. Enter passkeys, considered a more secure and easier-to-use option that eliminates the need for passwords. Passkeys haven’t replaced passwords yet, but their adoption is growing. As major tech companies, apps, and websites make passkeys their default security option, it’s likely you’ll be prompted to set them up to help secure your accounts.



What is a passkey?

A passkey is a passwordless sign-in authentication method that has two parts: a public key that encrypts data and is stored on a server or application and a private key that decrypts data and is stored locally on your personal device, such as a smartphone, desktop, tablet, or laptop with a supported browser. When you sign in to an account, the website or application verifies your identity by matching these two keys. This is done by asking you to unlock your device via the authentication option you’ve chosen (face or fingerprint recognition, phone lock PIN, or security key, for example).

Signing in with a passkey instead of a password is generally a quicker and more seamless experience. There’s no need to use a separate multifactor authentication method like entering a code delivered by a text or email, and you won’t need to spend time remembering or updating sensitive credentials.

Why are passkeys considered safer?

Because passwords are user-created, their security partly depends on how weak or strong the password is. Users may choose simple passwords that are easy to guess or crack, reuse passwords across multiple sites or accounts, or inadvertently disclose them by clicking on a link to a fraudulent website. Passwords are also vulnerable to phishing and brute force attacks by hackers.

Unlike passwords, passkeys are always unique. The private key associated with your device is typically protected by biometrics and is never shared, so passkeys are highly resistant to phishing and can’t be guessed by a scammer.

What’s next?

Passkeys are a newer security solution and have not yet been implemented on all websites, apps, or services. Like usernames and passwords, you may need to set them up one by one, typically following prompts. Until passkeys become broadly supported, passwords aren’t going away. It’s still important to help protect your identity and financial information by taking extra steps, such as using a password manager to generate complex, unique passwords or setting up multifactor authentication.

Cetera Financial Specialists LLC
14 Zukowski Drive Thiells, NY 10984
Phone: (845)425-3824 Fax: (845)425-6363

Securities offered through Cetera Financial Specialists LLC (doing insurance business in CA as CFGFS Insurance Agency), member FINRA/SIPC. Advisory services offered through Cetera Investment Advisers LLC. Cetera entities are under separate ownership from any other named entity. Home offices at 200 N. Martingale Rd., Schaumburg, IL 60173; phone 888-528-2987.

Online Privacy Policy · Privacy Promise · Business Continuity · Important Disclosures and Form CRS · Order Routing