1Password, a password management solution used by millions of customers, just announced that it will soon be introducing single-step passkeys that will not rely on a password to grant the user access to the company’s platform.
“We’re all in on passkeys, and we’re starting with 1Password”, the company commented in a blog post published yesterday, referring to the upcoming implementation of passkeys to access its password management solution.
According to the firm, the updated version of the software should be released at some point during the summer season. Passwords require memorization from the user and that often complicates things.
From 1Password to No Password
Solutions such as 1Password allow people and organizations to store and share their access credentials safely but there is a catch – they still have to memorize the password they use to access the platform.
Even though multiple technologies have been introduced including the use of fingerprint and face recognition software, these tools still rely on a password as they just put an extra layer on top of it to facilitate the login process. What 1Password aims to achieve is to get rid of passwords for good by solely relying on biometric verifications to access its solution.
The company claims that more and more tech firms are being targeted by bad actors to obtain the access credentials of customers. There have been several high-profile data breaches lately including two involving 1Password’s rivals Norton LifeLock and LastPass.
Hackers managed to get access to the systems of the two firms, and even though the passwords they stored were reportedly not accessed, the vulnerabilities of these solutions became clear.
1Password believes that this weakness in the architecture of password managers can be solved through passkeys as these are naturally unique and strong sources that can hardly be replicated by criminals.
How do Passkeys Work and Are They as Safe as 1Password Claims?
Passkeys are a login method that involves the use of a unique marker tied to the user that is stored in a device in an encrypted file. A passkey can be a fingerprint or your face as these are significantly hard to replicate.
Passwords are considered less safe than passkeys as hackers can use phishing and brute-force software to guess or steal the alphanumeric combination you use to access your personal accounts at a website or application.
However, the encrypted file in which your passkey is stored cannot be replicated and even though they may figure out what is it that you used – face or fingerprint – to access the systems, they will not have the private key required to complete the login process. With this in mind, it can be argued that passkeys are safer than passwords.
Recent Data Breaches Emphasize the Importance of Passkeys
Multiple companies in the cybersecurity space have suffered data breaches including two of 1Password’s most prominent competitors.
LastPass, a password management solution owned by GoTo, reported in August last year that its systems were breached by a bad actor who managed to steal the password vaults of thousands of customers along with some of their personal information. Even though these vaults cannot be accessed without the master password, users’ data is still vulnerable as criminals can use brute force to try to guess this critical access credential.
Meanwhile, Norton LifeLock’s password management solution was also targeted by criminals who managed to get the personal data of more than 6,000 customers. In this instance, the hackers accessed customer accounts by exploiting a weakness in the firm’s cybersecurity protocols that allowed them to brute-force their way in.
Even though customers’ passwords were also not compromised at first in this case, it is also possible for hackers to get access to the password manager if the login credentials of the main account were the same as the passkey used to access the tool.
Other Related Articles:
Discuss This Article
Add a New Comment /Reply
Thanks for adding to the conversation!
Our comments are moderated. Your comment may not appear immediately.