Dite ADDIO alle PASSWORD! La RIVOLUZIONE delle PASSKEY spiegata bene!

TuttoTech

21 Jan 202418:38

Summary

TLDRThe video discusses passkeys, a new login method to replace traditional usernames and passwords. Passkeys utilize public key cryptography to provide secure authentication between client and server. The credential manager on your device creates a private key that remains on your device and a public key stored on the server. Biometric or PIN authentication unlocks your private key to authenticate, preventing phishing attacks. Passkeys address issues like password reuse, breaches, and forgetting passwords. Major companies back this technology that will soon become the login standard. Passkeys enhance security while simplifying the login process across devices.

Takeaways

💻 Passkeys are an authentication method set to replace usernames and passwords for enhanced security.
🔑 They are developed by the FIDO Alliance, a consortium including major tech companies like Google, Microsoft, Apple, Amazon, and Meta.
🔒 Passkeys utilize public key cryptography, a type of asymmetric encryption, to secure user data and authentication processes.
🧑‍💻 Users won't need to remember passwords; instead, their device becomes the key to access services through a private key stored on the device.
🛠️ The FIDO2 standard outlines the communication protocols between clients (applications or browsers) and authenticators (devices or security keys).
📞 Passkeys aim to eliminate the common security issues associated with passwords, such as forgetfulness, reuse across services, and vulnerability to phishing and malware.
📲 Each user account can have multiple passkeys, allowing access from different devices securely and conveniently.
💻 Compatibility with passkeys is growing among websites and services, moving towards a passwordless future.
👾 Backup and recovery of passkeys are managed through credential managers like Google's or Apple's, ensuring access even if a device is lost or replaced.
🖥️ Passkeys offer protection against phishing and data breaches by uniquely identifying servers and devices, making unauthorized access significantly more difficult.
📱 Cross-device accessibility is facilitated through credential managers, enabling seamless authentication across smartphones, tablets, and computers within the same ecosystem.

Q & A

What are 'pasky' and what problem do they aim to solve?
-'Pasky' are a new secure authentication method that aims to replace the use of usernames and passwords. They solve issues like password forgetfulness, weakness, and theft.
How does public key cryptography work in the context of pasky?
-A private key is stored on the user's device and a public key on the service's servers. The private key decrypts data encrypted by the public key, proving the user has the correct device.
What role does biometric authentication play with pasky?
-The user's device asks for biometric confirmation like a fingerprint to verify it's really them, adding additional security.
If your device with pasky registered is lost, can you still access services?
-Yes, your private keys are backed up encrypted to Google, Apple etc. servers. You can restore them to a new device with your pin/passcode.
Can you use pasky across multiple devices to access the same service?
-Yes, you can associate multiple pasky keys with one account. Your credential manager syncs them across your devices.
Are pasky vulnerable to phishing attacks?
-No, because the keys uniquely identify devices and services. Even fake websites can't mimic real services to get access.
Can pasky be intercepted and stolen like passwords?
-No, only public keys and encrypted data travel between devices and servers, not vulnerable private keys.
What happens if a service with your pasky registered gets hacked?
-It's secure because only public keys and usernames get stolen typically, not useful without your private keys.
Who created the pasky standard?
-The FIDO Alliance, a consortium with members like Google, Microsoft, Apple, Amazon etc.
When will services start adopting pasky authentication?
-Over the next months and years, services will likely start offering pasky registration and login.