30/03/2026

LYFE MONDAY | MAR 30, 2026

FOLLOW

ON YOUTUBE

22

Malaysian Paper

/theSunMedia /

Ű BY MARK MATHEN VICTOR Most major apps will require some form of passkeys over the next few years. P ASSWORDS have protected accounts from banking to the internet for decades and now, the tech industry wants them gone. In most data breaches these days, weak passwords, reused logins and phishing scams drive more of the exploitation of security vulnerabilities Cybersecurity teams spend billions

End of passwords? o Tech firms push passkeys, biometrics as logins evolve

Improving over time Security experts stress that no system is perfect. Malware, social engineering and SIM swap scams will not vanish overnight, but removing passwords cuts off one of the weakest links in digital security – human memory. That said, we will not wake up tomorrow to find passwords gone as the transition will take time. Many services will offer both systems during the shift. But the direction is clear, due to how passwords were designed for a bygone era, when the internet was simpler. Today’s threat landscape is more aggressive and automated. As cyberattacks grow in scale, the old login method looks increasingly outdated. The password’s long run may be ending. The next time you log in with your fingerprint instead of a string of characters, you may already be living in a password-free era.

happens if someone loses their device? For that, tech firms say passkeys can be recovered through secure cloud backups tied to the user’s account but that too has critics worried, as this concentrates risk with large platforms. If the main account is compromised, attackers could access multiple services. There are also access concerns as not everyone owns the latest smartphone with biometric features or how older devices may not support full passkey standards. That could leave some users relying on traditional passwords for years.

traditional passwords. This also makes logging in often faster, as users can easily unlock their phone with just their face or fingerprint. The same action signs you into apps and websites without needing the memorisation of complex strings or sending reset emails. The adoption of passkeys is most visible with banks and e-commerce platforms. Some governments are also reviewing password-free digital ID systems to reduce fraud. Though it all sounds good for cybersecurity, the shift does raise questions, such as what

managing resets and account recovery, but users still pick “123456”, “password” or reuse the same password across multiple sites. Outdated, broken system Tech firms and companies, including Apple, Google and Microsoft now back a password free standard built around “passkeys”. The system comes from the Fido (Fast IDentity Online) Alliance, an industry group working on open authentication rules. A passkey replaces typed password with a cryptographic key that is stored on a user’s device and when they log in, their phone or laptop confirms the identity using biometrics, such as fingerprint or facial recognition, or a device pin. This secret key never leaves the device. Whereas in a traditional password, companies will store a version of a person’s password on their servers, which become targets by hackers. If they break in, these cybercriminals will mine stored credentials, which are often reused by users elsewhere. However, with passkeys, there is no central password database to attack and steal from. Even if attackers breach a company, they can not use the stolen data to then log into a person’s account. These passkeys, which have robust asymmetric cryptography, also makes phishing harder. Today, someone might click a fake banking link and enter their password without noticing the website is fraudulent. But as passkeys link directly to the legitimate domain, their device will not authenticate the fake site. Not all digital sunshine and rainbows Passkeys also provide better security without requiring much effort from the user, most obviously eliminating the need for shuffling through or trying to remember

Passkeys are most prevalent among banking apps, due to the critical need for stronger cybersecurity. – ALL PICS FROM FREEPIK