Passkeys

Announcing support!

Passwd will support passkeys starting from Q1/25.

Passkeys are a new way to authenticate users without traditional passwords. They rely on public-key cryptography, and unlike passwords, which can be stolen, guessed, or leaked in data breaches, passkeys use unique digital keys tied to your device (like your phone or computer) to verify your identity.

The advantage of passkeys, especially when partnered with a tool like Passwd, is their ability to facilitate secure sharing of account access among colleagues without revealing the actual password. Here's a simplified breakdown of the process:

1. You register for a service that supports passkeys using a traditional username and password setup.
2. Then, you securely store these login credentials within Passwd.
3. Next, you generate a passkey for this service and also keep it securely within Passwd.
4. When you need to grant access to this service to a colleague, you simply share the passkey with them.
5. Your colleague can then seamlessly log into the service using the shared passkey, along with the Passwd browser extension, without ever knowing the actual password.
6. Should the need to revoke your colleague's access arise, you can easily remove their permissions within Passwd. This ensures that while passwords could potentially be copied or written down elsewhere, the passkey remains secure within Passwd.
7. It's worth noting, however, that a colleague with the passkey could create a new passkey. But, this potential issue can be countered by revoking the passkey through the service whenever necessary.

This approach effectively enhances security and control over who has access to your accounts, minimizing the risk and worry that typically come with sharing sensitive login information. It's important to say that from a cyber-security perspective, you should never share your password with anyone. However, we know this is a must in the current world, as numerous services simply don't support user management.