At its Worldwide Developer Conference (WWDC) last year, Apple announced that it’ll allow you to sign in to websites on Safari using Face ID and Touch ID. This year, the company is taking this tech a step further by introducing passwordless sign-ups.
In a developer session titled “Move beyond passwords,” Apple unveiled a new tech called Passkeys that’ll allow you to sign up for services without any passwords.
Here’s how it’ll work: when you visit a website supporting this new tech, you’ll enter your desired username during registration, and then use Face ID or Touch ID — instead of a password — to authenticate yourself. Passkeys is coming to iPhone, iPad, and Macs later this year as a technology preview, so it’ll be off by default.
Passkeys tech is part of the iCloud keychain and it’s based on FIDO (Fast IDentity Online) Alliance’s WebAuthn protocol. Notably, Apple joined the alliance last year to support password-free authentication. You can read more about FIDO and WebAuthn here.
As Apple’s chart below indicates, this is a pretty secure method for authentication, and it prevents you from being a victim of a phishing attack. However, if you have devices beyond Apple’s ecosystem this tech might not work and you’ll have to fall back on passwords.
Google and Microsoft already support passwordless logins through biometric authentication or hardware keys such as Yubico. In March, Microsoft noted that more than 200 million accounts are already using a login method that doesn’t involve passwords.
Apart from enabling sign-ups with Face ID and Touch ID, Apple has also created APIs for hardware security keys in macOS Monterey and iOS 15.
You can learn more about Apple’s new standards to support passwordless tech here.