Partners and Programs:
Partners and Programs:

FLIGHT SAFETY FOUNDATION HEADQUARTERS

701 N. Fairfax Street, Suite 250,
Alexandria, Virginia 22314

Phone: +1 703 739 6700 Fax: +1 703 739 6708

Passkeys [upd]

To understand the magnitude of the shift toward passkeys, one must first understand the fatal flaw of the password. A password is a "shared secret." The user knows it, and the server stores it (usually in a hashed format). This symmetry creates a permanent vulnerability. If a user is tricked by a phishing email into entering their password on a fake site, the attacker obtains that secret and can use it on the real site. Similarly, if a company's database is breached, millions of hashed passwords can be stolen and cracked. The fundamental problem is that a password is knowledge that can be transferred, stolen, and reused.

Furthermore, passkeys represent a synthesis of high security and high usability—a combination rarely seen in technology. Traditionally, better security meant more friction: longer passwords, two-factor authentication (2FA) codes, and biometric scanners. Passkeys invert this dynamic. To log in with a passkey, a user simply uses Face ID, Touch ID, or a device PIN—the same gesture they use dozens of times a day to unlock their phone. There is nothing to memorize and nothing to type. This "zero-knowledge" approach also protects the user's privacy; biometric data is processed locally on the device's secure enclave and is never sent to the website. passkeys

In today's digital landscape, security is a top concern for individuals and organizations alike. With the rise of online transactions, social media, and cloud computing, the need for robust authentication methods has become more pressing than ever. Traditional passwords, with their inherent vulnerabilities, are no longer sufficient to protect sensitive information. This is where passkeys come in – a game-changing technology that's poised to revolutionize the way we secure our online lives. To understand the magnitude of the shift toward

A passkey is a digital credential, stored on your device (phone, computer, or security key), that allows you to log into websites and apps without typing a username or password. Instead, you unlock the passkey using your device’s screen lock (Face ID, fingerprint, or PIN). If a user is tricked by a phishing

For decades, passwords have been the standard for online security, but they are increasingly vulnerable. Many users choose simple, easily guessable passwords or reuse them across multiple sites, making them prime targets for hackers. Passkeys were developed by the FIDO Alliance to eliminate these weaknesses by removing the human element from the credential itself. How Passkeys Work The beginning of the end of the password - Google Blog

Related Content

passkeys

News, Mechanical Issues, Accident/Incident Investigation, Safety Regulation

FAA, EASA Order More Frequent CFM56-7B Fan Blade Inspections

The new inspection interval has been set at every 1,600 engine cycles.

by FSF Editorial Staff

News, Accident/Incident Investigation

NTSB Plans Hearing on Southwest Engine Failure

The U.S. National Transportation Safety Board (NTSB) plans a public hearing in November on the…

by FSF Editorial Staff

passkeys

News, Safety Oversight

Inspector General to Audit FAA Oversight of Southwest Airlines

Citing concerns raised by an engine failure that sent debris through the window of a…

by FSF Editorial Staff

Read more articles