Italk a lot about passkeys these days, and for good reason—bad actors have only upped their pace and intensity of attacks. If they’re not hacking websites to filch data, they’re grabbing passwords and other such info directly from individuals via infostealing malware. Case in point, Have I Been Pwned recently updated its database of breached accounts, which included Gmail passwords—with infostealer logs and credential stuffing lists as the sources.

Passkeys sidestep the biggest weaknesses of passwords. For starters, attackers can’t steal them the way they can a password. They can’t guess or remotely use them, either. A passkey is resistant to phishing, too, and can’t be used on a phony site. And, best of all, you have nothing to memorize! Their only drawback is that, like physical keys,

See Full Page