Tech

UK cyber agency urges shift from passwords to passkeys for online security

Navigation

Ask Onix

UK pushes for passkeys over passwords

The National Cyber Security Centre (NCSC) has advised Britons to adopt passkeys where possible, marking a major shift in digital security recommendations. The move aims to replace traditional passwords, which have long been vulnerable to breaches and human error.

Why passkeys?

Passkeys eliminate the need to remember complex passwords by using cryptographic technology tied to a user's device. Unlike passwords, they are unique to each website or app, reducing the risk of phishing and remote attacks. Major platforms like Apple, Google, and X already support them.

Jonathan Ellison, NCSC's director for national resilience, called passkeys a "user-friendly alternative" that strengthens security while easing the burden of password management.

How passkeys work

Passkeys rely on public key cryptography. A device generates a secure key pair-one part stays on the device, while the other is stored by the service. Authentication typically involves biometric verification (e.g., Face ID or fingerprint scans) or a PIN, without sharing sensitive data.

"These keys are resistant to phishing and can't be intercepted by remote attackers," said Niall McConachie of Yubico.

Niall McConachie, Yubico

Security vs. limitations

While passkeys are considered at least as secure as multi-factor authentication (MFA), experts caution they aren't foolproof. Losing a device or lacking access could complicate recovery. Daniel Card of BCS noted they are "not a silver bullet."

The NCSC previously hesitated to endorse passkeys due to slow adoption and limited support. However, growing compatibility-including the UK government's use of passkeys in digital services-signals broader acceptance.

What's next?

The FIDO Alliance, an industry group promoting passkeys, reports support across major operating systems and browsers. Cybersecurity experts encourage users to transition from passwords to passkeys where available, alongside password managers and MFA.

"This is a step change in reducing risk," Card added.

Daniel Card, BCS

Related Articles

UK launches first official BookTok bestseller list reshaping reading trends
2 hours ago

UK launches first official BookTok bestseller list reshaping reading trends

UK introduces official BookTok bestseller chart Britain has unveiled its first official bestseller list driven by TikTok's influential #BookTok community, merging sales data with social media tre...

#Social Media #Publishing #Culture #Books #Trends
Jokic ejected as Timberwolves edge Nuggets in playoff clash
2 hours ago

Jokic ejected as Timberwolves edge Nuggets in playoff clash

Jokic ejected after mid-court confrontation Denver Nuggets center Nikola Jokic was ejected with 1.3 seconds remaining in Game 4 after shoving Minnesota Timberwolves forward Jaden McDaniels, spark...

#Playoffs #Basketball #Nba #Sportsmanship
Rare 17th-century Mughal astrolabe heads to auction in London
2 hours ago

Rare 17th-century Mughal astrolabe heads to auction in London

Massive astrolabe from Jaipur's royal collection to be auctioned A 400-year-old brass astrolabe, once owned by Jaipur's royal family, will be sold at Sotheby's London on 29 April. Described as po...

#Science #Culture #History #Art #Auction

Related posts

Report a Problem

Help us improve by reporting any issues with this response.

Problem Reported

Thank you for your feedback

Ed