Reports show modest passkey uptake as new products launch
Reports show findings on the prospect of passkey uptake for businesses, while Bitwarden password manager and Google’s new Titan Security Key both support passkey storage.
Passkeys progress, but businesses still use passwords
Identity assurance company Hypr and hardware authentication security key provider Yubico have published a report, “Transcending Passwords: The Next Generation of Authentication,” on the trends in authentication preferences.
The report found that organizations that use FIDO-based passwordless authentication methods – like passkeys – cut authentication times by 75 percent and users are the least likely to be victims of phishing attacks.
Delinea‘s whitepaper, “The Future of Workplace Passwords,” examines trends in password alternatives. Thirty-five percent of IT leaders surveyed are replacing or expect to replace passwords with passkeys.
FIDO2 passkeys use public key cryptography and biometrics. They are resistant to phishing attacks because authentication keys are tied to specific websites and users must consent to each authentication attempt. The new standard also allows users to store their credentials on their devices.
While passkeys aren’t the top choice for replacing passwords according to both research reports, they are growing rapidly in popularity, especially considering they were released to the public for just over a year.
Hypr and Yubico’s report predicts that even though 91 percent of workers use passwords as the primary form of authentication, passkeys are most likely to one day replace passwords as the leading authenticator.
Bitwarden password manager browser extension can now store passkeys
The browser extension will detect when a compatible website is directing the user to create a passkey and will prompt the user to save the passkey as a new login method. It will ask the user if they want to log in with the passkey at the start of the user’s next session. Users can verify the login by using a PIN, pattern, password, or biometrics.
Bitwaden’s mobile app does not currently have a passkey storage feature, but it is planned for a future release.
New security Keys from Google store passkeys
At the Aspen Cyber Summit in New York City, Google announced that newest models of its Titan Security Keys can now store passkeys, according to Tech Radar. The FIDO2-compliant models, manufactured by Feitan, come in USB-C and USB-A versions and have NFC.
With the new version, users set up a PIN code for the key on Chrome. To log in, users type their username, plug in the key, and enter the PIN code. Users can save their Google credentials by going to the passkeys page of their account. They then should select “create a passkey” followed by “use another device.”
The new key is compatible with all FIDO-enabled third-party services and has storage for the credentials of up to 250 accounts.
Google has previously partnered with Yubico to develop past security keys and is currently working with a number of industry partners to distribute 100,000 security keys to high-risk users such as campaign workers, activists, and journalists at no cost next year.