easy portal contact 
Language Switch

Glossary

Passkeys

Secure passwordless login is the aim of this new technology. With Passkeys, the days of logging in to websites or apps using login details, as we have been used to for a long time, should be over.

Passkey was launched on the market in 2022 and the technology is being driven forward by the FIDO Alliance. The aim is to improve security and user-friendliness in the authentication process. The FIDO Alliance includes well-known companies such as Apple, Google and Microsoft.

How secure is a passwordless login?

Very secure. Passkey is based on proven methods that center on asymmetric cryptography and digital signatures. Asymmetric cryptography uses a key pair consisting of a public and a private key. This is the passkey that the browser saves for logging in. You do not have to remember any passwords. To log in to a website, you only need to unlock this passkey: with a fingerprint or via facial recognition, for example.

Another advantage is protection against brute force attacks. As there are no passwords that could be guessed, such attacks are ineffective. This increases security considerably and makes Passkeys a robust solution for authentication.

The Holy Grail of asymmetric cryptography

Methods of this type are usually used for object encryption. But more is possible: anyone who accesses a website via HTTPS automatically benefits from digital certificates proving the ownership of the website operator. So you “know” you are “talking” to the right remote station. Another example is S/MIME, which uses digital certificates to guarantee the authenticity and integrity of emails.

What are the advantages of Passkeys?

Passkeys make it just as easy to dispense with login procedures with user names and passwords. At the same time, this authentication also has many other advantages:

  • Passkey offers increased security (chain of trust)
  • Better protection against phishing attacks (public and private keys are managed by the web browser for users; an e-mail address is not involved and is only required once initially).
  • The question of password lengths no longer arises with Passkey
  • No brute force attacks on passwords
  • Passwords no longer need to be memorized or stored in a password safe
  • The process is much more user-friendly
  • Passkeys generates the procedure automatically
  • Each login to different services has its own passkey

Compared to the login procedure with user name and password, Passkey is not only more convenient, but also superior in several respects. Passkeys not only offer increased security, but also protection against phishing attacks and a simplified user experience.

How do passkeys work?

If you want to log in to an online service, a login request is sent to your browser. The browser signs the request with the stored private key and sends the request back to the online service for verification. The service checks the signed character string for correctness using your public key. This means that your private key remains with you and is never sent to the service. This ensures that your login data remains secure and protected.

FAQ on Passkeys

A passkey is a digital login credential that consists of a key pair – a public and a private key. The key pair remains securely stored on your device. The public key is sent to the online service for authentication, while the private key remains securely on your device. With the public key, the online service can check that the signature created with the private key and requested by the online service is correct.

How do I see my passkey?

Normally you do not need to see or manage your passkey directly. Your browser or operating system manages it for you in the background in a trust store.

The passkey is stored securely on your device, often in a special security module or a secure area of the operating system, the trust store. If required, it can also be synchronized in a secure cloud storage to enable use on multiple devices.

What are the disadvantages of passkeys?

In addition to the advantages already mentioned, passkeys naturally also have disadvantages, although none of them are significant.

  • Limited acceptance: Not all online services support passkeys yet. This means that you may still have to use passwords for some services.
  • Device dependency: Passkeys are tied to a specific device. If you lose your device, it will be difficult to access your accounts unless you have a backup solution in place.
  • No passing on: Unlike passwords, passkeys cannot simply be passed on to other people. Of course, this is also an advantage.

easyarchive

Archive data securely and compliant.

Discover easy archive

easyinvoice

Digitally verify and approve invoices.

Discover easy invoice
Newsroom Media Library Glossary
Contact us

+1 267 313 57-80

info@easy-software.com

Newsletter

We will keep you regularly up to date. Subscribe to our newsletter and find out everything you need to know about the digitization of business processes. The topics will be prepared for you in a tailor-made and varied way.

Newsletter subscription

Products

easyarchive
easyinvoice
easycontract
easyhr

Application areas

Archiving
Document Capture
Procurement Processes
Digital Personnel File
Digital Signature
Document Management
Incoming Invoices
Electronic File
Contract Management
Workflows

Resources

Support
Academy
Managed Services
Blog
Media Resources
Events
Customer Stories
Glossary

About easy

Company
Press & News
Investor Relations
Find partners

Archiving
Document Capture
Procurement Processes
Digital Personnel File
Digital Signature
Document Management
Incoming invoices
Electronic File
Contract Management
Workflows

Support
Academy
Managed Services
Blog
Media Resources
Events
Customer Stories
Glossary

Company
Press & News
Investor Relations
Careers
Find partners

Social

Imprint

General terms and conditions

Disclaimer

Privacy