1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • GitHub is going passwordless with new passkey support

    From TechnologyDaily@1337:1/100 to All on Thu Jul 13 15:45:04 2023
    GitHub is going passwordless with new passkey support

    Date:
    Thu, 13 Jul 2023 14:29:45 +0000

    Description:
    GitHub announces passkey support in new public beta which it hopes will make the platform easier and safer to use.

    FULL STORY ======================================================================

    GitHub has become the latest prominent service to offer passkey support, letting users login without a password.

    The popular software repository, which is now owned by Microsoft, announced
    in a blog post on its website that the public beta for passkeys is now available.

    For users that opt in, it means that passkeys will replace security keys, and will be used in place of both your password and 2FA method. Convenience and security

    Passkeys are the latest passwordless technology that have been adopted by prominent tech firms already, such as Apple, Google, and Microsoft. These along with other tech giants are board-level members of the FIDO alliance,
    the cross-industry association that sets the technological standards for passkeys.

    Other services offer passkey support too, such as eBay, PayPal and BestBuy. Although the total number of adopters is currently quite small, it seems that uptake is slowly growing, with GitHub being the latest to support their use. read more

    Google Chrome now supports passkeys for everyone



    Bitwarden now lets you create passkeys for your business apps



    Microsoft is being sued over Github Copilot piracy

    Passkeys work by storing a private cryptographic key on your device, which, when combined with the public key of the service in question, allows you to login to your account. All that is need to authenticate your identity is whatever measure you use to lock your device, such as your fingerprint or
    face scan, or your PIN.

    As well as improving convenience, passkeys are also claimed to be more secure as they are phishing resistance - no one can extract the keys from you in social engineering campaigns as they are stored on device with zero knowledge architecture; not even the user knows what they are.

    GitHub also cites the claim from the FIDO alliance that passwords are the
    root cause of more than 80% of data breaches, so it is argued that switching to passkeys will drastically improve the security posture of users and organizations.

    GitHub has taken various steps over the years to help protect users and
    itself from supply chain attacks, since the software available on the site is often propagated widely to numerous organizations.

    In 2021, for instance, it removed the ability to authenticate Git operations with passwords only, requiring token-based authentication, such as those offered by security keys . An in May this year, it made 2FA mandatory for developer accounts . Want to have access to your passkeys cross-platform?
    Then you'll need to use the best password manager



    ======================================================================
    Link to news story: https://www.techradar.com/pro/github-is-going-passwordless-with-new-passkey-su pport


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)