News on September 22 showed that GitHub announced the launch of the Passkey service, which aims to provide users with a safer and more convenient login verification method. Passkey is a login verification file based on the FIDO 2/WebAuthn standard. Users can use the public key in Passkey to register for a website or application, while the private key is stored securely on the user's device. This innovative technology will provide GitHub users with a higher level of security while also providing a more convenient way to log in.
Passkey is unique in that it allows users to leverage Biometric identification functions (such as fingerprints, iris) or PIN codes on the device can be used to log in to various websites and services with one click. This makes logging in more convenient while ensuring security. In addition, GitHub also supports users to register Passkey on different devices, providing users with the convenience of logging in across devices.
GitHub's goal is to improve account security and encourage all users to use multi-factor authentication (2FA) login credentials. When GitHub discovers that the user's device supports Passkey, it will prompt the user to register for the feature. In this way, users can obtain backup login credentials to prevent account information from being lost or stolen
In addition, according to my understanding, the Passkey service also supports cross-device credential synchronization. For example, Apple iCloud accounts can synchronize Passkeys on iOS and macOS, and Google Authenticator can synchronize users' Passkeys on all Android devices. In addition, third-party password managers such as 1Password also support synchronizing Passkey
across all devices where the program is installed.The above is the detailed content of GitHub launches Passkey service to improve account security. For more information, please follow other related articles on the PHP Chinese website!