What Is a Passkey?
A passkey is a way to login to a website, application, or software system without a password.
Instead of creating a password, you use an “authenticator” to generate a passkey (an authenticator is a smartphone, other mobile devices, or a password manager that uses passkeys).
You still need to verify your identity when using a passkey. That may be a password, a PIN (personal identification number), or biometric information, like a fingerprint or facial recognition. To access a site or system, a user needs a valid passkey and must verify their identity.
How Do Passkeys Make Small Businesses More Secure?
Passkeys promise to be more secure than passwords as they’re harder to hack. That’s because there is no string of characters, numbers, and symbols to memorize. Passkeys are unique, making it extremely difficult for hackers to launch successful email phishing attacks to steal passwords.
Furthermore, unlike passwords, a passkey doesn’t need to be changed every few months, and they can’t be stolen or reused. It’s been reported technology companies such as Google, Microsoft, and Apple intend to make passkeys standard in the not-too-distant future.
How Does a Passkey Work?
According to Google, Passkeys use public key cryptography, which reduces the threat of potential data breaches.
When a user creates a passkey with a website or application, it generates a public–private key pair on your device. Only the website stores the public key, but this alone is useless to a cybercriminal.
What Are the Pros and Cons of Using Passkeys?
As with any technology, deploying passkeys in your small business has potential benefits and drawbacks.
- Passkeys are harder to steal and more difficult to compromise than passwords
- If you forget a password, you have to reset it. Passkeys eliminate that issue
- Unlike passwords, you don’t need to update a passkey every few weeks or months
- Your small business may save money and time by not having to manage password storage
- Passkeys are convenient in that they can also be used to encrypt emails or sign digital documents
- There is a cost involved with using passkeys, which might include purchasing specialized software or hardware
- Using biometrics to verify a user’s identity may be an issue if you’re using older devices that don’t support passkeys
- Some websites or applications may not support the use of passkeys
- There’s a learning curve involved with adopting passkey technology
What Insurance Covers Cyber-Attacks and Other Cybersecurity Events?
Every small business or self-employed professional with a website, uses email, stores confidential, proprietary information and customer information, has a point-of-sale (POS) system or accepts digital payments from customers should have cyber liability insurance.
Cyber insurance is designed to help small business owners recover from cyber-attacks – ransomware attacks, phishing attacks, distributed denial-of-service (DDoS) attacks – and data breaches (when confidential data is stolen, copied, altered, or viewed by unauthorized people).
Get the cyber liability protection your business needs. Fill out our online application for a free quote.
Our knowledgeable brokers will shop our partner network of over 50 insurance providers to find the low-cost cyber insurance policy you require and customize it to suit your needs and budget. If you have questions about cyber liability insurance, talk to us and let us help you get the coverage you need.
– Reviewed by Michael McDermott, Director of Underwriting, Zensurance.