The UK’s National Cyber Security Centre (NCSC) is calling on users to adopt password managers and passkeys, highlighting them as the future of secure authentication.
In its latest guidance, the NCSC emphasizes the ease and security offered by browser-integrated password managers like those built into Chrome, Safari, Edge, and Firefox. These tools, deeply embedded into operating systems, offer a practical option for users.
The agency also recognized the role of long-standing third-party password managers, stating their continued existence is likely due to their strong commitment to security. Despite some high-profile breaches in the past, many of these services now rely on robust protection methods, including encryption, secure device chips, and biometric authentication like facial or fingerprint recognition.
The spotlight, however, is on passkeys—a newer, more secure login method developed by Apple, Google, and Microsoft. Passkeys replace traditional passwords with a cryptographic key pair. One part stays on the user’s device, while the other is shared with the service during account creation. When logging in, the device authenticates the user through standard unlock methods and confirms identity without transmitting the key itself.
According to the NCSC, passkeys are not only faster—up to eight times quicker than typing a password and 2FA code—but also more secure. They’re already supported by major platforms such as Google, eBay, and PayPal.
When choosing a password management tool, the NCSC advises users to assess the provider’s reputation and follow cyber hygiene practices. These include enabling updates, securing devices with biometrics, and setting up recovery methods such as trusted contacts or backup keys.
Greg Wetmore, VP of Product Development at Entrust, supported the agency’s call for change. He noted that passkeys address the core issues of password security—forgetfulness, complexity, and vulnerability to phishing attacks.
“Passwords are outdated and insecure. Passkeys offer a phishing-resistant solution that’s both easier to use and more effective,” Wetmore stated. “It’s time we all move forward.”
Stay ahead of emerging cybersecurity threats. For the latest insights and updates on cloud security, follow SOC News.
News Source: ITPro.com
