A passwordless future might be even more convenient, thanks to the latest addition to the FIDO standard – which Apple marks as Passkeys in iCloud Keychain.
The proposal means you could automatically log into a secure website, for example, just by having a second Apple device with you…
context
Apple supported FIDO (Fast IDentity Online) in 2020 and announced last year that testing was underway. The company calls its own implementation Passkeys in iCloud Keychain, but it’s just FIDO by another name.
We previously explained how FIDO works:
The Fido Alliance proposal is that trusted devices should replace passwords. This would work much the same as Apple’s two-factor authentication (2FA) using Apple devices. When you try to sign in to a new Apple device with your Apple ID, the company sends a code to a trusted device and you enter that code.
With the Apple system it’s an extra step, but what the Fido Alliance wants is a similar approach to replacing passwords – and you wouldn’t need to enter a code.
For example, if you try to log into a website on your iPhone, you will only enter your username and it will then send an authentication request to one of your other registered devices, such as an Apple Watch . You can just tap to allow. Likewise, when you access a service on your Mac, you can approve it on your iPhone, and so on.
Passkeys in iCloud Keychain Enhancement
While tapping your watch or iPhone to authorize a connection is already much better than having to enter a password, Wired reports that the latest proposal wants to eliminate even that much effort.
FIDO’s whitepaper also includes another component, a proposed addition to its specification that would allow one of your existing devices, like your laptop, to act as a hardware token itself, similar to authentication dongles. standalone Bluetooth, and provide physical authentication via Bluetooth. . The idea is that this would still be virtually phishing-proof since Bluetooth is a proximity-based protocol.
In other words, it would work exactly the same as when your Apple Watch unlocks your Mac or iPhone, or your iPhone unlocks your Watch. You don’t need any additional verification, as you have already confirmed your identity by unlocking the first device.
So when you connect to a website on your Mac, for example, it checks that your iPhone or Apple Watch is within Bluetooth range and, if so, proceeds and lets you in without any action on your part.
It’s only a proposal at this point, so we’ll have to wait and see if it gets accepted.
Photo: Michal Kubalczyk/Unsplash
FTC: We use revenue-generating automatic affiliate links. Continued.
Check out 9to5Mac on YouTube for more Apple news: