MobileNews

Apple iOS 16: Passkeys brings passwordless authentication mainstream

Join top executives in San Francisco on July 11-12, to hear how leaders are integrating and optimizing AI investments for success. Learn More


When it comes to security, passwords often aren’t an asset, but a liability. They provide cybercriminals with an entry point to protected information which they can exploit with phishing scams and social engineering attempts, to manipulate users into handing over personal information. 

With 15 billion passwords exposed online, something needs to change. Many providers are positing that the solution to this problem is to get rid of passwords altogether. 

Now, as Apple iOS 16 launches today alongside macOS Ventura, users will be able to log in with Passkeys on iPhone, iPad and Mac, using biometric authentication options like Touch ID and Face ID, which are synced across the iCloud keychain.  

For enterprises, the launch highlights that passwordless support is becoming more widespread and sophisticated among consumer-focused vendors, driving an authentication movement which could eventually eliminate credential theft. 

Event

Transform 2023

Join us in San Francisco on July 11-12, where top executives will share how they have integrated and optimized AI investments for success and avoided common pitfalls.

 


Register Now

The state of password-based security 

As of 2022, the state of password-based security is a mess, with 85% of users using the same password across multiple sites, while 81% of the companies in the FTSE 100 have had at least one credential compromised and exposed on the dark web.

The launch of iOS 16 and the increasing emphasis on security options like passwordless authentication could play a significant role in shaping the development of other password-free authentication solutions. 

It’s worth noting that the launch also comes shortly after Apple announced that it had discovered two zero-day vulnerabilities for iOS 15.6.1 and iPadOS 15.6.1, which could enable hackers to execute malicious code remotely.

However, enterprises and users can’t afford to rely on passwordless authentication as a silver bullet to protect against security threats like phishing going forward.  

“Phishing isn’t just about sign-in details, there are many forms of social engineering that can lead to PII theft, malware installation and more,” said Michael Covington, VP of Portfolio Strategy at Jamf. 

“Passkeys is a great technology, particularly for consumers who might not currently use a password manager. But when it comes to enterprise use, there is always a need for layers of defense,” Covington said. 

Beyond Passkeys and passwordless authentication 

In practice, Covington recommends that businesses should layer critical device and patch management tools, with endpoint security and web filtering technologies to protect against vulnerabilities, endpoint, and web-based threats. 

While Passkeys is one of the main security features included with iOS 16, users should note a number of other security features too. 

These include Safety Check, which enables users on iPhone to revoke access that people and apps have to their location, and provides additional privacy protections. 

However, perhaps the most relevant inclusion for enterprises is Lockdown mode, which “provides extreme protection for the very small number of users who face grave targeted threats to their digital security.” 

Lockdown Mode limits apps and websites, enables users to turn off images and link previews in messages, and restricts FaceTime calls from unknown numbers.

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.


Author: Tim Keary
Source: Venturebeat

Related posts
AI & RoboticsNews

Nvidia and DataStax just made generative AI smarter and leaner — here’s how

AI & RoboticsNews

OpenAI opens up its most powerful model, o1, to third-party developers

AI & RoboticsNews

UAE’s Falcon 3 challenges open-source leaders amid surging demand for small AI models

DefenseNews

Army, Navy conduct key hypersonic missile test

Sign up for our Newsletter and
stay informed!