Why it matters: If you own an iPhone, you may have begun noticing some apps asking you if you would like to create a passkey. It’s taken some time, but developers are finally incorporating it into their apps, with X being the latest.
On Tuesday, X (formerly Twitter) announced its adoption of passkeys for iOS users in the US. The authentication method is optional, but X strongly encourages users to enable the feature for a more seamless experience and advanced security.
Apple added passkey support to iOS 16 in September 2022. the feature is an easy and secure way to log into apps and websites. Instead of passwords, your device acts as your authentication tool. When you set up a passkey for an app or a website, two encrypted keys are generated – private and public. The private key is stored on your device, and the platform holds the public one.
In non-technical terms, when you authenticate with a passkey, the platform (X in this case) “asks” to see your private key. Your device, acting as an intermediary, asks you to authenticate yourself, ideally through biometrics, but your phone’s password will work, too. Once the system knows it’s you, it reveals the private key to the app or website and automatically logs you into your account.
Today we’re excited to launch Passkeys as a login option for our US-based users on iOS!
A passkey is a new, easy to use, and secure way to log in to your account – all from your device. Passkeys are more secure than traditional passwords since they’re individually generated by…
– Safety (@Safety) January 23, 2024
Apple passkeys work seamlessly on anything logged into the same iCloud account. There is no need to set up passkeys for each device. However, you must create one for each app. Currently, about 26 apps and websites support passkeys, including Google, PayPal (apps only), GitHub, Microsoft (Xbox), Amazon, Nvidia, Uber, and iCloud, to list some of the more commonly used ones.
One of the most attractive features of passkeys is not having to remember credentials. As a bonus, the authentication process is more secure because there are no credentials to steal. Passkeys are impervious to phishing attempts. However, until Twitter and others eliminate standard login methods, traditional login information will still be vulnerable to various hacking methods.
According to Twitter’s Help Center, to set up a passkey, open the X app and tap on your avatar to access the account menu. Then select Settings and privacy -> Security and account access -> Security. Under “Additional password protection,” tap “Passkey,” then follow the prompts.
As of publication, the Passkey option was unavailable for me, indicating that X has the feature on a slow rollout. Check out this 15-second video from X News Daily to see what the setting looks like. If you don’t see it, keep checking back periodically until it shows up.
Image credit: Mike MacKenzie