Passkey

Use of strong passwords is an effective way to secure accounts and prevent unauthorized access. However, passwords have a few shortcomings. In addition to users having to remember one or more passwords, passwords can also be breached. For these reasons, the tech world is preparing to walk away from the use of passwords as a security measure and inching closer to using passkey. Passkey uses two or more of the following.

1. Something the user has: (a device) that has a capability to authenticate biometrically (fingerprints, facial recognition, etc.)

2. Something the user knows: a known passcode or one generated on authentication app on the user’s device (a code, PIN etc.)

3. Something the user can access independently (an email address)

All these require a physical presence and direct interaction of the user. The passkey works on the user’s device; a user cannot use passkey functions on another device unless the user has previously scanned and validated a QR code on his/her device. This is how it works. A user scans the QR code from their phone using an Authentication APP or his/her phone’s built-in camera, then use their Face ID or Touch ID to sign in from another device