With iOS 17 and MacOS Sonoma, Passkeys Are Coming to Apple ID Login – CNET [CNET]

Why You Can Trust CNET

Our expert, award-winning staff selects the products we cover and rigorously researches and tests our top picks. If you buy through our links, we may get a commission. Reviews ethics statement

The new authentication technology is designed to be vastly more secure than passwords.

Stephen Shankland principal writer

Stephen Shankland has been a reporter at CNET since 1998 and writes about processors, digital photography, AI, quantum computing, computer science, materials science, supercomputers, drones, browsers, 3D printing, USB, and new computing technology in general. He has a soft spot in his heart for standards groups and I/O interfaces. His first big scoop was about radioactive cat poop.

Expertise processors, semiconductors, web browsers, quantum computing, supercomputers, AI, 3D printing, drones, computer science, physics, programming, materials science, USB, UWB, Android, digital photography, science Credentials

• I’ve been covering the technology industry for 24 years and was a science writer for five years before that. I’ve got deep expertise in microprocessors, digital photography, computer hardware and software, internet standards, web technology, and other dee

With iOS 17 and MacOS Sonoma, Apple will join Google in embracing passkey login for its own websites and services, a big step in an even bigger step away from the profound flaws of password-based authentication.

Apple already supports passkey login in its existing iOS, MacOS and iPadOS software. But according to beta testers of the new versions of the software expected to arrive this fall, Apple will prompt people to enroll in passkey authentication for its own sites where you use an Apple ID, like iCloud.com.

Passkeys employ biometric checks like face or fingerprint recognition and are designed to be as easy to use as passwords but vastly more secure. They rely on very secure cryptography technology that Apple, Google, Microsoft and other tech companies developed at the Fast Identity Online (FIDO) Alliance. Passkey support is relatively rare today, but when it’s embraced more broadly, life should get harder for hackers.

Apple didn’t immediately respond to a request for comment. But the company told PC Magazine that the passkey enrollment will be automatic for Apple sites.

Watch this: WWDC 2023: Here Are All the Major iOS 17 Features

06:31

Password login technology is plagued with problems. Passwords that are more secure also are harder to remember. Many of us reuse passwords on multiple sites, amplifying the havoc a hacker can cause. Dual-factor authentication helps, but there are weaknesses there, too, especially with passcodes sent by SMS.

Passkeys get rid of these problems and as an added bonus block phishing attempts, since they offer cryptographic links between your devices and the specific sites you log in to. You can’t use a passkey on a fake version of a website.

Passkeys can be synchronized across multiple devices, and Apple does so automatically across iPhones, Macs and iPads. But there can be synchronization complications if you use non-Apple devices or browsers or borrow your friend’s laptop.

The FIDO Alliance is working on passkey portability, which would let you export passkeys manually, the way you might move passwords from one password manager to another. Google and Apple have pledged support.

For now, though, there’s a QR code scanning method that lets you use a passkey-enabled device to authenticate on another that doesn’t have them. And you can set up multiple passkeys for the same site.

Password managers are adding support for passkeys, too. 1Password is beta testing passkey support, though it doesn’t yet offer passkey protection for your password vault. And Dashlane lets you use passkeys on Android today with support on Apple devices coming with iOS 17 and MacOS Sonoma.

Mobile Guides