As part of the effort to eliminate the need for passwords, Apple finally adopted the FIDO Alliance’s WebAuthn protocol to develop the so-called “iCloud Keychain Access Keys.” The Cupertino giant demonstrated its new authentication technology at the WWDC Developer Conference to help users log in to applications and websites that support Face ID or Touch ID. You do not need to enter a password to use this technology to register or log in.
Passkeys in iCloud Keychain
Passwords are WebAuthn credentials that users with Face ID or Touch ID can use to seamlessly log in to apps on iPhone, Mac, and iPad. They are encrypted and stored in the iCloud keychain. According to Apple, the password uses a public/private key pair, so there is no need for a server to store authentication secrets. How to compare Apple’s iCloud keychain password with existing authentication methods:
When you register a new account with the access key, you only need to provide a username. Your Apple device will ask you to save a password for your account instead of a password. At this point, you need to use Face ID for authentication. And created an account, all of which have no password. This password is stored in the iCloud keychain. You can then log in to the app by using the face ID for authentication. The password also applies to Apple devices in all supported web browsers.
“The emphasis of this preview is the authentication technology, an iCloud Keychain-backed WebAuthn implementation. An industry-wide transition away from passwords will need thoughtful and consistently applied design patterns, which are not part of this preview,” said Garrett Davidson from Apple’s Authentication Experience team. Apple says that Passkeys in macOS Monterey and iOS 15 are only meant for testing and not for production accounts.
Images courtesy by beebom