Letters
Tell us what’s on your mind
I’m suspicious that tech firms are so keen on passkeys
My heart sank when I read that Microsoft’s default for setting up new accounts is passkeys rather than passwords (Issue 710, page 8). I don’t think any technological ‘advancement’ (and I use that word cautiously) has baffled me as much as passkeys. I understand why international spies, CEOs of banks, government officials and hackable celebrities need this extra layer of protection, but it seems like a ridiculous overreaction for the average user. And I’m very average!
Here’s my other query: what’s in it for the tech companies? When it comes to privacy, they only usually act under great pressure from authorities. But they’ve been suspiciously keen to introduce passkeys, despite very little pressure from campaigners (as far as I can see). Am I being unfairly cynical?
Roger Buchan
CA SAYS We understand where Roger is coming from. Yes, passkeys are much more secure than passwords, but tech giants haven’t previously been so eager to introduce privacy measures. In fact, they’ve often fought against them. One reason companies are so enthusiastic about passkeys is they reduce how often users have to ask to reset their passwords. This cuts their customer-support costs. It also encourages users to stick with an operating system because their passkeys will be tied to it. This makes switching services even harder than it was before.
Overall, we think the pros of passkeys outweigh the cons. But we think the tech industry has been far too aggressive at forcing them on to users, and done a terrible job of explaining the benefits. We’ve covered some of the simplest ways to use them, including on the excellent Proton Pass password manager