CP
cyberpings

Passkeys Endorsed by NCSC - A New Era Beyond Passwords

The NCSC has officially endorsed passkeys as the new standard for authentication, urging users to abandon passwords. This shift aims to enhance security and user experience. Major platforms like Google and Microsoft are leading the way in this transition, making it easier for users to adopt passkeys.

PrivacyHIGHUpdated: Published:
Featured image for Passkeys Endorsed by NCSC - A New Era Beyond Passwords

Original Reporting

REThe Register Security

AI Summary

CyberPings AIยทReviewed by Rohit Rana

๐ŸŽฏBasically, the UK is saying we should stop using passwords and start using passkeys for better security.

What Changed

The UK's National Cyber Security Centre (NCSC) has made a groundbreaking announcement: passkeys are now the recommended standard for authentication, replacing traditional passwords. This marks a significant shift in cybersecurity policy, as the NCSC has advised consumers to abandon passwords altogether where passkeys are available.

Why This Matters

This change is crucial because passwords have long been a weak point in digital security. The NCSC's technical report, presented at the annual CYBERUK conference, highlights that passkeys are not only as secure as passwords combined with two-step verification (2SV), but they are also generally more secure. The transition to passkeys is expected to enhance the security of everyday digital services significantly.

Who's Affected

The NCSC's guidance impacts all consumers and businesses in the UK who rely on online services. Major platforms like Google, eBay, and PayPal have already made it easier for users to adopt passkeys, with about 50% of UK Google users having registered at least one passkey. Microsoft has also set passkeys as the default standard, further pushing this transition.

How Passkeys Work

Passkeys operate by generating a cryptographic key pair between a user's device and the account they are accessing. This method eliminates the risks associated with passwords, such as phishing and guessing, and is reportedly up to eight times faster to use. Users no longer need to remember complex passwords, reducing the fatigue often associated with credential management.

What You Should Do

For those who cannot use passkeys yet, the NCSC advises continuing with the password plus 2SV approach but emphasizes the importance of using a password manager. This ensures that passwords remain complex and unique, minimizing the risk of credential theft. As Jonathon Ellison from the NCSC noted, moving to passkeys can significantly improve the security landscape and prepare users for modern cyber threats.

The Bigger Picture

This endorsement of passkeys is part of a broader strategy by the NCSC to bolster the UK's cyber defenses amid increasing cyber threats. The agency reported that the number of significant cyberattacks remains high, emphasizing the need for improved security hygiene as the geopolitical landscape evolves. By adopting passkeys, users can contribute to a more secure digital environment, reducing the burden of password management while enhancing overall security.

๐Ÿ”’ Pro Insight

๐Ÿ”’ Pro insight: Transitioning to passkeys could significantly reduce phishing risks and improve overall user security, aligning with modern authentication standards.

REThe Register Security
Read Original

Share

Related Pings

Preview image for Roblox - Implements Age Checks and Chat Limits Amid Settlements
Privacy
HIGH

Roblox - Implements Age Checks and Chat Limits Amid Settlements

Roblox is tightening its chat and age verification policies after settling child safety lawsuits. These changes aim to protect kids from online dangers. As legal scrutiny increases, parents must stay informed about their children's interactions on the platform.

MWMalwarebytes Labs
Read PingRead Source
Preview image for EPIC Files Amicus Brief Against Flock ALPR's Use
Privacy
HIGH

EPIC Files Amicus Brief Against Flock ALPR's Use

EPIC has filed a brief arguing that Norfolk's use of Flock's ALPR system violates privacy rights. This case raises significant concerns about mass surveillance and discrimination. The outcome could impact how surveillance technologies are regulated.

EPEPIC Electronic Privacy
Read PingRead Source
Preview image for EPIC Urges Court to Protect Voter Privacy Against DOJ Demand
Privacy
HIGH

EPIC Urges Court to Protect Voter Privacy Against DOJ Demand

EPIC is fighting against the DOJ's demands for voter data, raising significant privacy concerns that could affect citizens' rights across the U.S.

EPEPIC Electronic Privacy
Read PingRead Source
Preview image for EPIC Urges EU Leaders to Defend Digital Rights Amid U.S. Pressure
Privacy
HIGH

EPIC Urges EU Leaders to Defend Digital Rights Amid U.S. Pressure

EPIC and U.S. civil society groups are urging EU leaders to uphold digital rights against U.S. pressures. This is crucial for protecting privacy and ensuring fair regulations.

EPEPIC Electronic Privacy
Read PingRead Source
Preview image for Gmail Blue Checkmark - Transforming Email Marketing Strategies
Privacy
HIGH

Gmail Blue Checkmark - Transforming Email Marketing Strategies

Gmail's new blue checkmark boosts email marketing by verifying senders and enhancing trust. This feature helps reduce phishing risks, making it crucial for marketers to adapt their strategies.

CSCyber Security News
Read PingRead Source
Preview image for House Republicans Introduce National Privacy Bill for Consumers
Privacy
MEDIUM

House Republicans Introduce National Privacy Bill for Consumers

House Republicans have introduced the Secure Data Act to enhance digital privacy rights. This new legislation aims to give consumers more control over their data, but bipartisan support is uncertain. Critics worry it may weaken existing protections. Stay informed about your privacy rights as this bill progresses.

CSCyberScoop
Read PingRead Source