Amazon is Adopting Passkeys, Aiming for a Passwordless Future

Amazon has stepped up to embrace the emerging trend of passwordless authentication by introducing passkeys, a move announced on Monday.

This initiative, aimed at advancing security and user convenience, aligns with similar steps being taken or considered by other tech behemoths like Google and Apple.

As traditional passwords become obsolete and hazardous, the shift towards modernized login mechanisms such as biometrics, PINs or passkeys is gaining traction.

The New Dawn of Passkeys

Amazon's senior vice president of e-commerce, Dave Treadwell, expressed the company's enthusiasm at being at the forefront of this new authentication method. "While passwords will still be around in the foreseeable future, this is an exciting step in the right direction," Treadwell remarked, adding that Amazon is "thrilled to be an early adopter of this new authentication method, helping to realize our vision for a more secure, passwordless internet."

Users can activate the newly introduced passkeys via their browser or the iOS Amazon Shopping App under the "Login & Security" section in "Your Account." Once set up, users can effortlessly log in using their device's lock screen PIN or biometrics, enhancing security since a potential hacker would need to physically hold the user's device and know the lock screen PIN or access their biometrics.

Benefits and Concerns

The transition to passkeys underscores the efficiency of this method in thwarting phishing scams while offering a more user-friendly login experience. Additionally, the passkey mechanism serves as a 2-factor Authentication (2FA) method, requiring both device possession and unlocking for service access, resembling the functionality of an authenticator app.

However, this shift has also sparked discussions around the collection and potential misuse of biometric data, which is more sensitive than traditional password data. A recent incident involving a biometric data breach of 23andMe customers, ironically caused by weak password security, has further fueled these concerns.

Password Management Recommendations

Until the digital realm transitions from traditional passwords, it's imperative to maintain good password management practices. Here are a few recommendations:

1. Use specialized tools like Bitdefender Password Manager to create, store and manage strong, unique passwords for different accounts.
2. Regularly update passwords and avoid reusing them across multiple platforms.
3. Enable multi-factor authentication (MFA) wherever possible for added security.
4. Stay informed about the latest security trends and consider adopting newer, more secure authentication methods as they become available.