08/22/2024 - Articles
Passkeys: The future of authentication
In a world where cyber attacks are becoming more sophisticated and traditional passwords are increasingly considered insecure, companies and security experts are looking for alternative authentication methods. Passkeys are one promising solution. In this blog article, we take a closer look at passkeys, how they work, their benefits and how they could revolutionize the way we log in online.
What are passkeys?
Passkeys are a modern authentication method that aims to eliminate the need for passwords. Instead of a traditional password, passkeys use cryptographic key pairs to verify a user's identity. These key pairs consist of a public and a private key. The public key is stored on the server, while the private key remains securely on the user's device.
How do passkeys work?
The functionality of Passkeys can be explained in three simple steps:
1. Registration
- The user registers with a service that supports Passkeys. A key pair is generated in the process.
- The public key is sent to the service and stored.
- The private key remains securely on the user's device.
2. Login
- When logging in, the service sends a challenge to the user's device.
- The device signs this challenge with the private key.
3. Verification
- The service verifies the signature with the stored public key.
- If the signature is correct, the user is authenticated and granted access.
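The three steps above, as an added example using Node.js's built-in crypto module; it is not Projektron's code and not the WebAuthn wire format, only a simplified model in which the device signs the challenge together with the origin of the site that asked. The origin `https://app.example` and all function names are assumptions made for the illustration.

```javascript
const crypto = require("node:crypto");

// 1. Registration: the device creates a key pair; only the public key is sent to the service.
function registerDevice() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ec", { namedCurve: "P-256" });
  return { privateKey, publicKeyPem: publicKey.export({ type: "spki", format: "pem" }) };
}

// 2. Login: the service issues a fresh random challenge for every attempt ...
function newChallenge() {
  return crypto.randomBytes(32).toString("base64url");
}

// ... and the device signs it together with the origin of the site that asked.
// (In a browser the origin is filled in by the browser, not by the page.)
function signAssertion(privateKey, challenge, origin) {
  const clientData = JSON.stringify({ challenge, origin });
  const signature = crypto.sign("sha256", Buffer.from(clientData), privateKey);
  return { clientData, signature };
}

// 3. Verification: signature first, then the signed challenge and origin.
function verifyAssertion(publicKeyPem, assertion, expectedChallenge, expectedOrigin) {
  const data = Buffer.from(assertion.clientData);
  if (!crypto.verify("sha256", data, publicKeyPem, assertion.signature)) return "bad-signature";
  const { challenge, origin } = JSON.parse(assertion.clientData);
  if (challenge !== expectedChallenge) return "wrong-challenge";
  if (origin !== expectedOrigin) return "wrong-origin";
  return "ok";
}

// Constructed scenario: one good login and three responses the service must reject.
function demo() {
  const ORIGIN = "https://app.example"; // assumed service origin
  const device = registerDevice();
  const c1 = newChallenge();
  const c2 = newChallenge();
  const good = signAssertion(device.privateKey, c1, ORIGIN);
  const other = signAssertion(device.privateKey, c2, "https://app-login.example");
  const edited = { ...other, clientData: other.clientData.replace("app-login.example", "app.example") };
  return {
    legitimate: verifyAssertion(device.publicKeyPem, good, c1, ORIGIN),
    replayed: verifyAssertion(device.publicKeyPem, good, c2, ORIGIN),
    otherOrigin: verifyAssertion(device.publicKeyPem, other, c2, ORIGIN),
    editedAfterSigning: verifyAssertion(device.publicKeyPem, edited, c2, ORIGIN),
  };
}

console.log(demo());
```

Because the challenge and the origin are inside the signed data, a response recorded earlier or produced for a different site fails verification even though the signature itself is genuine.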
Advantages of Passkeys
Passkeys offer a number of advantages over traditional passwords:
1. Safety
- Passkeys are extremely secure as the private key never leaves the user's device and therefore cannot be intercepted or stolen.
- They are resistant to phishing attacks because a passkey is bound to the domain of the service it was registered with, so a look-alike site cannot obtain a valid response to its challenge.
2. User-friendliness
Users do not have to remember complex passwords. Authentication is often carried out using biometric methods such as fingerprint or facial recognition, which significantly improves the user experience.
3. Compatibility
Passkeys are based on open standards such as WebAuthn and FIDO2, which ensures broad support across different platforms and devices.
4. Protection against data leaks
Since passkeys are not passwords, they cannot be compromised in data leaks. Even if a server is hacked, the stolen public keys are useless without the corresponding private keys.
Implementation of passkeys in Projektron BCS
With version BCS 24.2, Projektron introduces the passwordless authentication method using passkeys. This implementation brings considerable advantages for the security and user-friendliness of the Projektron BCS project management software:
Increased security
- Strong encryption: Passkeys consist of a random and long combination of characters that are difficult to guess, making brute force attacks almost impossible.
- Phishing protection: Passkeys are domain-specific, which means that they cannot be used on other domains even if they are intercepted.
- Protection against credential stuffing: As passkeys are generated uniquely for each application, they cannot be reused for other applications.
- Security gain in the event of data leaks: Public keys can be stored in the database without additional cryptographic procedures because they alone are worthless to attackers.
Improving user-friendliness
- Simplicity: Users no longer have to remember passwords, which simplifies operation.
- Multiple passkeys for different accounts: Users can save and manage multiple passkeys on one medium (smartphone, TPM, USB stick), making it easier to handle different accounts.
- No need to enter the user name: With the resident key (user handle), it is not necessary to enter the user name when logging in.
Avoidance of typical password problems
- No weak passwords: As passkeys are system-generated and random, there is no risk of weak passwords.
- No forgetting passwords: Users no longer have to write down or memorize passwords.
- Protection against social engineering: As passkeys are not entered directly by the user, they cannot be tapped using social engineering techniques.
Test our software free of charge for 30 days and see the benefits of password-free authentication for yourself. Register for one of our online presentations and find out first-hand how Projektron BCS can make your project management more secure and efficient.
Passkeys in everyday life
Many major technology companies and platforms have started to support Passkeys. Apple, Google and Microsoft are actively working to integrate Passkeys into their operating systems and web browsers. This development allows users to seamlessly and securely log in to different services without having to worry about the security of their credentials.
A passkey makes it possible to log in to an account securely and without a password by using FIDO and FIDO2 technologies. These provide two-factor authentication that is supported by devices such as a smartphone. Services such as Google and Apple are increasingly relying on passkeys to increase security and make use more convenient. An app can help to use passkeys on multiple devices, so that data is transferred securely between devices and users can log in to different services seamlessly.
A typical example of the use of passkeys in everyday life could look like this: A user opens their laptop and navigates to a website that supports passkeys. Instead of entering a password, the user authenticates themselves using their fingerprint sensor or facial recognition. The private key on the device signs the challenge and the website verifies the user's identity - quickly, securely and easily.
With FIDO technology, users can make their account more secure by activating two-factor authentication. One example of this is the use of a cloud-based keychain, which is available on devices running Android and iOS. Users can create and store their keys via iCloud or a special app. This function makes it possible to use the same key on multiple devices, simplifying access to the account and increasing security.
Conclusion: Security and user-friendliness combined with Passkeys
Passkeys represent a significant advance in the world of digital authentication. They offer higher security and a better user experience compared to traditional passwords. With growing support from major technology companies and increasing adoption by various services, Passkeys could soon become the new standard for secure online authentication.
By implementing Passkeys into Projektron BCS project management software, users will benefit from increased security and improved usability. The age of passwords is coming to an end and the era of passkeys is beginning. It's an exciting development that could fundamentally change the way we protect and authenticate ourselves online.
About the author
This article was written by an employee of the development department of Projektron GmbH. As an expert in security issues and authentication procedures, he has extensive knowledge and experience in implementing secure, modern solutions such as passkeys in the Projektron BCS software.