With the advent of passkeys, plenty of people are predicting the end of passwords. Is the future passwordless, though? Or is there room for both types of authentication to exist side-by-side?
At Proton, we are optimistic about passkeys and have introduced support for passkeys in our password manager. However, we are not ready to predict a future without passwords, and we believe there’s room for both technologies to coexist.
In this article, we go over these questions and tell you how Proton sees its place in this evolution.
- What is passwordless authentication?
- Issues with passwordless login
- Why Proton isn’t abandoning passwords
What is passwordless authentication?
Passwordless authentication is a method to log in to your online account or app without using a password. There are a few ways to do this — like using a hardware key, or biometrics like a retina or fingerprint scan — but the easiest and most viable way for most people is to use passkeys.
The tech gets a little tricky, but the way passkeys work is that when you set one up with a service, a key is created. The service holds one part of it, and you hold the other. To gain access, you need to combine the two. This process of creating and combining the keys happens in the background, without you needing to do anything beyond giving permission to use the passkey.
When they’re properly implemented by the service, passkeys are great. They’re secure, easy to use, and it’s tempting to think they will replace passwords and passphrases. Much the same goes for fingerprint scans and hardware keys. They do away with a lot of the hassle associated with authentication. However, dig a little deeper and you’ll see there’s still a case to be made for doing things the old-fashioned way.
Issues with passwordless login
Most forms of passwordless authentication have some kind of issue stopping them from being a one-size-fits-all solution in the same way that passwords are. A good example is biometric login, which works great most of the time, but fails the moment your scanner breaks. This is one reason why you always set up a password or PIN before you scan a fingerprint; the more reliable tech acts as backup.
Much the same goes for hardware keys: They work extremely well, but the moment you lose the key, you may be permanently locked out of your accounts unless you have a recovery password in place. As a result, hardware keys are mostly used for two-factor authentication, when you need a second method on top of a password to prove your identity.
Passkey problems
Passkeys also have some issues that prevent them from becoming the default. Here is a breakdown.
Not supported on most websites and apps
First off, as a relatively new technology, passkeys aren’t supported by all sites and apps. While implementation is accelerating, passkey fans right now will often come away disappointed when trying to use passkey authentication. This situation will change, but we predict it will take years, mainly due to the tech being tough to implement.
Some issues with browsers
While most major browsers (Google Chrome, Mozilla Firefox, Microsoft Edge) support passkeys, many smaller players don’t as yet, or only in a limited fashion. If you use Opera, Brave, or something even more exotic, passkeys aren’t a great option for you.
Cross-platform support issues
There are also issues when using passkeys between platforms. For example, if you use a passkey created on an Apple device, you have to jump through some hoops to make it work with your Google account, locking you out until you use your password to authenticate.
Only works on the latest operating systems
Since passkeys are new, that also means any tech you use them on needs to be new. For example, only iPhones running iOS 17 and Android 14 devices support passkeys, and even then there are issues. If you’re using older hardware and software, passkeys simply will not work.
Why Proton isn’t abandoning passwords
As a result, as much as we like passkeys for their speed and convenience, here at Proton we don’t believe that passwordless is the only future. Instead, passwords and passkeys will coexist, with some accounts accessible with a passkey and others using a combination of passwords and 2FA.
Because of this, we’ve developed our password manager, Proton Pass, to support passkeys alongside passwords, not instead of them. This isn’t just out of pragmatism, either: As a company that puts our community first, we give you the freedom to choose how best to secure your data for your accounts.
As a company that makes its money purely from subscriptions — no shareholders, no venture capital — we must prioritize your interests. We do this by making sure not only that you’re secure, but that you can choose how that looks for you. If you like the speed and convenience of passkeys, you may use them across all platforms that support it. If you prefer having 2FA for all your accounts, you can do that, too.
If you want to try a password manager that’s not just on the cutting edge but also lets you decide how close you get to the blade, Proton Pass has a free plan that lets you use almost all its features without spending a penny. What better way to get to know the not-quite passwordless future?