A key with light emitting from it.


By Citizen0 | The Digital Citizen | 8 May 2023

In the rapidly evolving digital landscape, the traditional password has long been the first line of defense for our online accounts. However, with Google's recent announcement of integrating passkeys into their accounts, the era of passwords may be coming to an end. Let’s explore the new paradigm that passkeys present, highlighting the benefits and potential drawbacks of this more integrated approach to human-device security.

Passkeys are based on the technology of asynchronous cryptography, where a public and private key pair is used for securing communications. In the case of Google's implementation, the device or app will sign a public key challenge with a private key signature generated by the device. This move towards passkeys signals a shift towards greater security, convenience, and accessibility compared to traditional passwords.

One of the core concepts in cyber security is the CIA Triad, which represents the balance between confidentiality, integrity, and availability.  Traditionally, improving one aspect of the CIA Triad often comes at the expense of another. Passkeys, however, appear to enhance all three aspects, making them a particularly compelling solution for securing online accounts.

The use of passkeys improves confidentiality, as the private key is never stored on a server, but rather is stored and encrypted by the user's biometric data on their device. This ensures that only the user’s account remains secure and the user can still access their account, even if their password becomes compromised. Integrity is also enhanced, as the authentication process relies on the unique private key, making it extremely difficult to forge or tamper with.

Availability, which refers to how easily users can access their accounts, seems to increase as well with passkeys, as long as the user has their device on hand. In an age where smartphones are practically ubiquitous, this is a reasonable assumption to make. However, it is important to recognize that reliance on a device can also present challenges. For instance, if the device's battery dies or the device is lost, the user may find themselves locked out of their accounts.

This reliance on a specific device represents the trade-off (availability in this case) that must be made to maintain balance within the CIA Triad. While there may still be backup methods available for account recovery, it is clear that the integration of passkeys into our digital lives will increase our dependence on our devices.

The adoption of passkeys as an alternative to traditional passwords represents a promising shift towards improved security, convenience, and accessibility. While this new paradigm brings with it some challenges, such as increased reliance on personal devices, the potential benefits it offers in terms of the CIA Triad make it a compelling solution for the future of online account security. Google has been working with Apple and MicroSoft to create a more unified and standard solution for adopting passkeys, it is likely that the use of this technology will continue to expand at an accelerated rate, potentially signaling the end of the password era and a progression of device integration with humans.

How do you rate this article?



Take a look at my website for more stuff.

The Digital Citizen
The Digital Citizen

A blog that will explore and entertain with web3 technologies and AI. Tune into my website for more stuff.

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.