Passkeys will now be automatically assigned to users with Apple ID, beginning with iOS 17, macOS Sonoma, and iPadOS 17. Apple confirmed the same on Wednesday, informing that with automatic assignment of passkeys, users can bypass the usage of passwords altogether and sign seamlessly into their Apple ID on the web. For users running the latest developer beta on their devices, this feature already works on iCloud.com and appleid.apple.com on the web.
The platforms – iOS 17, macOS Sonoma, and iPadOS 17 were announced at the WWDC23, and are currently running in beta versions for developers to test.
Passwords have long been the de facto method of user authentication, but they come with numerous challenges. Weak or reused passwords, as well as the potential for phishing attacks and data breaches, have made the traditional password-based system increasingly vulnerable. Apple recognizes these limitations and with passkeys, aims to revolutionize the way users access their Apple accounts. This support for Apple IDs will also be available for third-party apps and websites that support the “Sign in with Apple” feature.
For those who are not aware, passkeys are a new approach to user authentication. Unlike passwords, which are typically a combination of characters, numbers, and symbols, passkeys are unique cryptographic keys that are securely stored on a user’s device. These keys serve as a means of authentication when accessing an account or service. They are reliant on device-based authentication using Face ID, Touch ID, or PIN, and users do not need to remember their credentials to sign in.
Instead of relying on passwords, each user will be automatically assigned a unique passkey associated with their Apple ID. This passkey is securely stored on the user’s device, and will offer several advantages over traditional passwords, primarily by significantly reducing the risk of data breaches and unauthorized access. Apple noted that passkeys will be widely available to users “later this year.”
Since passkeys are generated and stored locally on the user’s device, they are less susceptible to interception or compromise during transmission. Additionally, passkeys eliminate the need for users to create and remember complex passwords, reducing the likelihood of weak or reused credentials. As the digital landscape evolves and cybersecurity threats become more sophisticated, passkeys represent a promising step towards more secure and user-friendly authentication methods.