Passkeys (and What They Mean For You)

Written By Community Tech Alliance

There’s a big change coming to the way you log into your Google accounts, including your CTA-provided PAD account. Based on industry standards, passkeys are a new password and second factor replacement that allows you to use physical devices to authenticate to your online accounts.

Passkeys leverage public-private keys and cryptographic techniques to ensure that only you can access your account. They’re always secure, never guessable, and only stored on your device. Depending on whether you’re an Android user or iOS user, passkeys are generated a bit differently, but the upshot is the same: passkeys are profoundly more secure than passwords, and you’ll no longer have to carry around a hardware 2FA key (you were doing this, right?).

So what does this mean for you?

  • Beginning in late June 2023, CTA will enable passkey support on your PAD account.

  • Once enabled, you’ll simply visit the My Account page and add in a passkey.

  • Chrome on macOS, iOS, Android, and soon, 1Password, all support passkeys.

  • Going forward, instead of entering your Google password and using your 2SV device when signing into Google around the web, you’ll simply be prompted to use Touch ID, Face ID, or the Android equivalent to verify your identity. Don’t have a passkey stored on your device? No problem, you can always have the website request a passkey stored on a different device. You can even share passkeys!

So what do you do with your hardware 2SV keys?

Hold onto them! While passkey support is spreading quickly, as long as there are websites that only support basic passwords and 2SV, hardware 2SV keys are the best option for securing your account.

Also, your password isn’t disappearing quite yet! If you lose all of your devices (and don’t have your passkeys synced, for example, to iCloud), you’ll still need your password. And it is worth keeping a single 2SV hardware key on there too, just in case.


Google Login Page Asking for a passkey saved on macOS Chrome

If all of this is a bit confusing, don’t worry. We’ll send out detailed instructions on how to sign up in the coming weeks. You may already have received a prompt on personal accounts to sign up for passkeys. Passkeys are a public standard, and websites are quickly implementing support.

If you use iOS and iCloud Keychain, you may already have saved a few passkeys on your iPhone. Here’s a primer from Apple on how to set up a new passkey. Remember, while you can use a single device to store your passkey, you can store a passkey on multiple devices.

Questions about passkeys or anything else security-related? Email help@techallies.org.

Community Tech Alliance
Previous

Notes from BenDesk: Granting PAD Access
Next

Notes from BenDesk: Finding Metadata