Passkeys work by allowing people to log in to an app or website using just a username and a preauthorized device.
Those phones, laptops and other devices basically use a cryptographic token to prove a user is who they say they are — and those tokens are nearly impossible for hackers to steal or replicate remotely. Many of these logins will mimic how people unlock their phones with a fingerprint or face scan or by entering a PIN.Growing passkey adoption requires widespread availability, industry collaboration and regulatory support, says FIDO Alliance executive director Andrew Shikiar.Around 430,000 Microsoft consumer accounts have enabled passwordless logins in the last year, says Vasu Jakkal, corporate vice president for security at Microsoft.
While other companies are in the early stages of passkey adoption and declined to share figures with Axios, Microsoft's numbers suggest there's widespread interest in the technology.Hackers are uniquely talented at finding flaws in new technologies, so it's impossible to say something like passkeys is completely hackerproof.