With Google’s recent move to make passkeys the default login option for its users, it seems as if the passwordless technology is beginning to take hold – riding on its coattails, another tech giant, Apple, introduced easy passkey creation for its own websites very soon after.
Other big names have also announced their support, including the likes of WhatsApp, LinkedIn, and X (formerly Twitter). And it looks as though it’s only a matter of time before many others follow in their wake too.
So are passkeys now ready to replace passwords for good? Although big tech seems keen to make them the norm, others are less sure of the imminent takeover of passkeys, as there are some possible stumbling blocks still yet to be dealt with.
Widening adoption
The early data suggests that people aren’t finding too many problems with switching to passkeys. Popular password manager Dashlane has done its own research into consumer usage, and found that 92% of passkey creation requests are completed successfully, compared to 54% of password creation requests.
What’s more, the FIDO Alliance, which governs the technological standards for passkeys, has data showing that over half (57%) of US consumers are interested in using passkeys to secure their accounts.
In the enterprise space, things are starting to open up too. Recently, identity management firm Okta announced its partnership with Yubico, the security key maker, to supply YubiKeys to Okta subscribers that are pre-registered for passkeys, allowing organizations to easily implement passwordless logins for employees.
Another prominent password manager, Bitwarden, has also been keen to widen the implementation of passkeys for enterprise, with a new features that allows organizations to create passkeys for all the various apps they use. It touts its own toolkit as having, “an extensive, easy-to-deploy API for integrating FIDO2 WebAuthn-based passkeys into consumer websites and enterprise applications.”
With all these new plans to make the switch to passkeys as frictionless as possible, it seems that every barrier to their adoption is being broken down.
However, things aren’t quite so simple. There are still some lingering compatibility issues with passkeys that may hamper their progress and adoption. For instance, Mozilla Firefox doesn’t appear to support them that well, at least according to Hirsch Singhal, Product Manager for Identity at GitHub, who commented that a workaround was needed for the popular browser when the company announced the general availability of passkeys for its users. The same was true for Linux systems.
And although Windows 10 does support passkeys via Windows Hello, it will only save them to the device, so they can’t be synchronized and used on other devices. For Apple devices, macOS Sonoma is needed for its laptops and desktops, and so is the latest iOS 17 of its iPhones. So if you’re still using older devices, then you’re excluded from the club.
What’s more, although the big names in the tech world appear to be adopting passkeys, smaller companies have been relatively quite on the matter, so they haven’t yet trickled down into every crevice of the digital world.
When we spoke to Roger Grimes, Data-Driven Defense Evangelist at KnowBe4, he even maintained that passwords would be around for at least another ten years. He thought it was wishful thinking to believe that the technology could replace passwords wholesale, pointing out that even today, some websites don’t even play nice with password managers, let alone advanced passwordless systems.
There are always issues adopting a new technology. The idea of a cutting-edge revolutionary new method would neatly slot into place to substitute old ways rarely happens in practice. It is usually a more tortuous journey, but one that, in the end, looks to be worth it. But we are probably a long way off from passkeys replacing every last password out there.