Passkeys are the future says NCSC

The future, perhaps, the present not so much due to differing implementations. Some sites want passkeys, then MFA, some don’t, some use passkeys as the MFA. This needs to be resolved to make it work for the masses

Passkeys should now be consumers’ first choice of login across all digital services, the UK government’s technical authority on cyber security has announced today (Thursday).

Overhauling decades of security practice, the National Cyber Security Centre – a part of GCHQ – has taken the decision to no longer recommend individuals use passwords where passkeys are available because passwords lack the relative resilience to modern cyber threats.

Passkeys are a newer method for logging into online accounts which do much of the heavy lifting for users, only requiring user approval rather than needing to input a password. This makes passkeys quicker and easier to use and harder for cyber attackers to compromise.

»NCSC →