With Apple’s latest round of updates, we’ve got a new password feature that lets your computer manage passwords for you in the background. There are a lot of advantages to this new “Passkey” system. (Here’s Apple’s explainer.) It isn’t dependent on user-generated passwords. It’ll guarantee people use different passwords for different sites. It will also help you avoid phishing attacks because it won’t work on spoofed websites. This comes at the cost of some loss of control, but third parties are already working on that (like 1Password in this video).
I’m curious, however, as to when Passkey websites will start showing up. So far, I’ve seen none. For this to work, websites must adopt some new backend technologies, and everyone is now waiting for that to happen. Are website developers untrusting of the new technology? Do they want to see others figure it out first? Do they need the budget for these changes? I expect it is all of the above. I’ve been asking about it for MacSparky.com with some of my platform providers, and I’m told to cool my jets. I sure hope this all gets sorted out. It will help web security for a lot of people once it gets rolling.