iOS 26 and the other operating systems that Apple will offer to all users this fall (starting now for developers and the adventurous) will contain a very important function for passkeys: the import and export of these access keys, supposed to replace passwords.
A key advance for passkeys
Until now, these ultra-secure identifiers were in some way prisoners of their original environment, on the platform where they were created. A passkey generated on macOS could not be transferred to Windows or even another password manager on the same device. A limitation that doesn't help the adoption of this new system, because it locks users even more into an ecosystem like Apple's.
Another problem: there is a real risk of losing access in the event of theft or loss of the device on which the passkey was created. With iOS 26 and its ilk, Apple offers a solution: the secure transfer of access keys (as well as traditional passwords and verification codes) between compatible password managers.
Other methods, such as transferring CSV or JSON files, are hardly recommended from a security perspective since the files are generally not encrypted. At Apple, the process will be secure from end to end, initiated by the user with local authentication (via FaceID or Touch ID, for example). No sensitive files are stored locally.
This new feature should extend to other manufacturers, since it was designed in partnership with the FIDO alliance, which brings together around a hundred companies such as 1Password, Dashlane, Bitwarden, etc. Improving interoperability is essential for passkeys to truly replace passwords.
This import/export system adopted by Apple — and hopefully by the entire industry — will add another string to the bow of access keys. These use a dual-key encryption system (public and private) that eliminates traditional passwords that we end up forgetting. And unlike passwords, passkeys aren't susceptible to phishing attempts or data leaks, as the private key never leaves the device.
Source: Apple
0 Comments