NurPhoto / Contributor/Getty
For all of us who hate passwords, passkeys represent a simpler and safer way of authenticating online accounts. But adoption has been slow, with many companies and websites still relying on passwords. Now the world's biggest social media platform is jumping on the bandwagon.
On Wednesday, Facebook announced that it's now rolling out support for passkeys on mobile devices. This means you'll be able to use one to sign in to Facebook on an iPhone or Android device. But the passkey won't be limited to your actual Facebook account.
Also: Why SMS two-factor authentication codes aren't safe and what to use instead
In the coming months, support will expand to Messenger, helping you better safeguard your encrypted messages and message backups. You'll also be able to use the passkey to autofill and authenticate payment information if you purchase something through Meta Pay.
"These changes will begin to go into effect today and will gradually roll out to everyone globally on Facebook and Messenger in the coming months, starting with Facebook on iOS and Android," a Facebook spokesperson told ZDNET.
On the upside side, passkeys are a decided improvement over passwords for authenticating your account logins. Whereas passwords are difficult to manage and vulnerable to compromise, passkeys are much easier and safer.
Developed by the FIDO Alliance, a passkey lets you sign in to an account using a PIN, a biometric method such as facial or fingerprint recognition, or a physical security key. Because that passcode is tied to you, you're able to use it to sign into the same account everywhere. Passkeys are automatically generated when you choose that option at a supported website. They can also eliminate or reduce the need for two-factor authentication codes.
Also: Biometrics vs. passcodes: What lawyers say if you're worried about warrantless phone searches
A passkey consists of two separate cryptographic keys, known as a key pair. One key is public and registered with the app or website. The other key is private and stored only on your device. The key pair handles the authentication process between your device and the app or website. For that reason, the passkey is much more resistant to any type of hacking or other security threat.
... continue reading