Uladzimir Zuyeu/iStock/Getty Images Plus
Follow ZDNET: Add us as a preferred source on Google.
ZDNET key takeaways
Many sites let you sign in with an existing login from consumer SSO providers.
This approach results in a potentially risky centralization of your credentials.
Passkeys allow you to compartmentalize credentials, but SSO has its advantages.
Here on ZDNET, I've been writing a lot about passkeys -- the FIDO Alliance-backed passwordless replacement for traditional usernames and passwords. As far as I'm concerned, all organizations and users on the internet cannot make the move soon enough. However, I was reminded of how challenging and lengthy that transition will be (sadly, 10 years is my estimate) when I recently encountered warnings to change my password for ChatGPT.
Also: How passkeys work: The complete guide to your inevitable passwordless future
That ill-informed recommendation turned up in my article feed when the operator of ChatGPT -- OpenAI -- announced the day before Thanksgiving that some of its customer data had been breached by threat actors. Between watching my turkey bake and preparing my side dishes, I rushed to my computer to change my OpenAI password. Not a moment to lose when you get scared like that, right?
There was only one major problem: While I have a login to OpenAI, I suddenly realized I didn't have an OpenAI password.
... continue reading