As families and friends gather, they often turn to tech-savvy individuals for help with troubleshooting issues behind the scenes. One common problem is securely logging into accounts, especially in light of increasing data breaches and phishing attacks. Passkeys, touted as a password alternative, aim to simplify this process. However, experts argue that while passkeys have elegance in their design, usability is still a significant hurdle.
The FIDO2 specification and WebAuthn predecessor underpinning passkeys provide an elegant solution. Nevertheless, the ease and simplicity envisioned have been undermined by inconsistent interface designs and UI factors, making it harder for users to adopt. The technology itself isn’t the issue; rather, it’s the inconsistencies that create a steeper learning curve.
For most people, using a single account provider like iCloud or Google helps alleviate concerns about losing access to devices or accounts. However, relying on a single point of failure can be problematic. Fortunately, this is not a major issue for most users who own multiple devices, such as phones and laptops, which provide convenient access to passkeys.
In summary, while passkeys are more secure than traditional passwords, usability remains an obstacle to widespread adoption. To make passkeys “just work” everywhere, without needing a fallback password, significant improvements in interface design and usability are necessary. This may be a challenging goal, but it’s essential for ensuring the long-term security of account access.
Source: https://arstechnica.com/security/2024/12/passkey-technology-is-elegant-but-its-most-definitely-not-usable-security