Apple Aiming to Replace Passwords With New Passkey Feature

[jav6454]

That’s blatantly false. EU sets minimum standards. It’s not our fault for having bigger security and quality standards. Get to our level or better

No, it's not. Then why try to create an open standard by force on people who DO NOT want such standard? For instance, an EU citizen who bought an iPhone knowingly and with intent of staying within the walled garden now has to deal with the EU arbitrary rules of "open" OS, when that specific consumer does not want it.

So yeah, the EU does it just to spite non-EU companies. However, they are content with accepting any BS reason EU companies come up with.

 

[SpotOnT]

I don’t think they’ll require biometrics, they’re just saying people will (often) use biometrics to authenticate on-device. If you use passcode only you’re not supposed to have a degraded experience. Like my iPad Pro’s FaceID actually broke and it’s entirely disabled, but I get all the same capabilities using the device passcode.

Certainly the secure enclave is not supposed to discriminate against people not using biometrics.

Ya hopefully they provide additional options! I feel like the industry trend (not just Apple) is definitely towards biometrics though. We wil find out what the future holds.

 

[Apple_Robert]

Ya hopefully they provide additional options! I feel like the industry trend (not just Apple) is definitely towards biometrics though. We wil find out what the future holds.

Passskey can be used with Biometrics as well as Autofill.

 

[nquinn]

This is interesting, and the FIDO design is compelling. The one question I haven't heard clearly answered is 'how do you recover if you lose *all* your devices?'

Most strong authentication systems break down when the fall back to a flimsier solution.

Probably similar to places that support hardware authentication or device level 2FA. The backup are usually one-time codes you print out and store somewhere insecure

 

[steve333]

Wow. Some people are just in love with their accounts being insecure. Windows is your best path for that anyway. 😂

I don't need Big Pappy telling me what to do. Apple is the new Microsoft.

 

[ignatius345]

Do you really think it’s reasonable to tell every company they have to do everything the same way?

We already "tell every company they have to do [X] in the same way" in many areas related to safety, labor, impediments to fair competition, and harm to consumers. Sounds like you're unfamiliar with the concept of regulation. You might want to read up on that.

And even aside from legal requirements, it's quite reasonable for a consumer to advocate for a company to refrain from activities that impede the consumer's ability to retain their own data in a meaningful way. You might also, while you're educating yourself, read up on recent efforts around data portability, which is salient to the issue at hand.

You are hoping for an unreasonable and uneconomical fantasy, sorry.

“I want every I want and I want it to work always and no matter where i use it and can go to a totally different platform and there’s no inconvenience !!!”

Unreasonable expectations will lead to unhappiness.

EDIT: “I should be able to play my X-Box games on my PlayStation, this isnt fair!!!!!!”

I'm not entirely sure what you're on about with this rant, but this sounds like classic straw man "logic" whereby you drastically mischaracterize someone else's position and knock that down because it's easier for you. Not really much point in engaging further with you. Best of luck!

 

[ignatius345]

too many passwords to remember in this day and age

I have exactly one password to remember: the one that opens my password manager.

 

[MacRumorUser78]

We already "tell every company they have to do [X] in the same way" in many areas related to safety, labor, impediments to fair competition, and harm to consumers. Sounds like you're unfamiliar with the concept of regulation. You might want to read up on that.

Websites don't work too well if they don't use HTML.

 

[TVreporter]

Will this also work naming someone as a beneficiary to an account?

 

[August West]

If this pans out it would be enough to get me to upgrade my 2012 mini to an M1 model w/ Touch ID keyboard if I wasn't already replacing it due to the end of the line for Catalina.

 

[Macative]

Passwords for websites will be required -for as long as you’re alive-.
There’s hundreds of millions of websites and most assuredly, a large percentage of them aren’t going to change their log in procedure.
Some will. A lot won’t.

Considering how overly complicated Sign In With Apple is for a website to adopt, its unlikely that this is going to be any better. Even websites with good backends are not going to want to adopt this.

 

[Macative]

1Password is as impressive as Dark Sky was, in my opinion. It should be an Apple acquisition target!

Meh, to both of them.

Dark Sky was a really bad purchase. It was a nice-looking app but the data was never reliable and didn't compare to any other popular weather data.

1Password is clunky as all hell to this day, and requires a subscription now to be useful across devices. The flow of generating new logins/passwords, and autofilling passwords/CC data, across apps and websites is extremely unreliable and wonky. It needs more babysitting than any other app. Not to mention the Safari extension that regularly stops working and requires a reboot to start working again.

iCloud Keychain just needs a few more features added to it and I can stop using 1Password. It isn't worth an acquisition by Apple.

 

[scrapesleon]

No password no problem apple new motto

 

[Macative]

This is such a bad idea. Same as Apple sign in is a bad idea.

You should always possess and control your identity and credentials independent of any vendor or provider. Thus I will always use my domain specific email address when registering for something. And I will always use passwords generated and stored in keepass. Granted I keep them in keychain too.

This is to mitigate the risk exposure of my apple ID being destroyed or locked intentionally or otherwise. I would instantly lose access to both my identity and all my credentials which means more than just losing stuff I signed up for but my online banking, AWS, HMRC (tax), ebay seller account, mobile phone provider, internet provider, github, credit file etc.

To put it bluntly with this dependency on passwordless in place I would be utterly and totally screwed and entirely at the mercy of one vendor.

Imagine not being able to login to a single account if Apple randomly decides to lock your Apple ID...people need to think twice about these things.

 

[turbineseaplane]

Imagine not being able to login to a single account if Apple randomly decides to lock your Apple ID...people need to think twice about these things.

This! ^^^

All, day, long... this...

I would always want my password manager to be separate from Apple
It's a product that should really be a completely standalone paid (in some way) service folks are using.

 

[Macative]

Yeah - I'm not sure where all these bad reports about 1P are coming from

The subscription discussion is what it is -- but the product itself I find to be fantastic, on all platforms

Well, its not. 1Password still routinely fails to properly save new logins that are created and does a mediocre job of autofilling anything. This workflow needs to be 100% or its basically useless. It's maybe 40% at best.

 

[jaytv111]

Imagine not being able to login to a single account if Apple randomly decides to lock your Apple ID...people need to think twice about these things.

Apple doesn’t and can’t ban people from their own iPhones. What would happen is you can still use your iPhone to logon, but you won’t be able to use your iCloud account with new devices, it also won’t sync between devices. So you will be able to migrate your accounts, assuming websites will let you migrate to a password system if you started with passkey.

However this is incredibly unlikely. Only people who’ve been banned from iCloud are people using their iCloud account for scams, spam, or designing nuclear weapons. If they think your account was compromised they freeze the account and the owner can try to unlock their account.

And if you are a scammer or something (hey I won’t judge!) then you should use passwords as you always have.

 

[matrix07]

This is such a bad idea. Same as Apple sign in is a bad idea.

No. It's an insanely good idea. If it works as conveniently as Apple Sign In which I'm using everywhere I'm able to then I'm all in. You're welcome to waste your time micro-managing stuffs. My time is too precious for that.

 

[Bearxor]

Yet another thing Microsoft was five years too early with that Apple decided to make mainstream.

 

[Apple_Robert]

Will this also work naming someone as a beneficiary to an account?

Haven't read anything on that subject. However, you can easily share passkeys with those you trust.

 

[turbineseaplane]

Well, its not. 1Password still routinely fails to properly save new logins that are created and does a mediocre job of autofilling anything. This workflow needs to be 100% or its basically useless. It's maybe 40% at best.

Doesn't match my experience at all - no way, no how
And I use it all day long

 

[Macative]

Apple doesn’t and can’t ban people from their own iPhones. What would happen is you can still use your iPhone to logon, but you won’t be able to use your iCloud account with new devices, it also won’t sync between devices. So you will be able to migrate your accounts, assuming websites will let you migrate to a password system if you started with passkey.

However this is incredibly unlikely. Only people who’ve been banned from iCloud are people using their iCloud account for scams, spam, or designing nuclear weapons. If they think your account was compromised they freeze the account and the owner can try to unlock their account.

And if you are a scammer or something (hey I won’t judge!) then you should use passwords as you always have.

Get outside of your bubble. Apple has locked people's entire accounts for something as simple as using a gift card wrong, and getting it unlocked is a nightmare. And I guarantee you this would not be as simple as you pretend it is in this situation.

 

[Macative]

Doesn't match my experience at all - no way, no how
And I use it all day long

Just stop. It doesn't work as flawlessly as you pretend, and neither does iCloud Keychain. They both suffer miserably from the same issues.

 

[Apple_Robert]

Get outside of your bubble. Apple has locked people's entire accounts for something as simple as using a gift card wrong, and getting it unlocked is a nightmare. And I guarantee you this would not be as simple as you pretend it is in this situation.

What you say is about Apple locking accounts etc. is true. However, if one has a Recovery Key etc. that should make it easier to verify identity to Apple in cases of suspected fraud on the account although even having that won't mean the doors get opened. I am not diving into this new feature for some of the concerns mentioned. I am content with Strongbox for now and will sit back and observe and wait for more information.

 

[jaytv111]

Get outside of your bubble. Apple has locked people's entire accounts for something as simple as using a gift card wrong, and getting it unlocked is a nightmare. And I guarantee you this would not be as simple as you pretend it is in this situation.

No I actually know how it works. Apple doesn’t lock you out of your iPhone. Never has never will. I guarantee if you get banned from iCloud you still can access your iPhone and stored keys.

At worst, a website will be a pain and not let you migrate to a password. I acknowledge that could be a problem. You’ll have to make a new account in that case.

I’m outside of my bubble already. I will take the risk. Haven’t been banned randomly and no one I know ever has been. Using a gift card wrong in this case must mean you bought a stolen or scammed card and redeemed it. Sucks for you I guess. Don’t use bootleg sources for gift cards.