Passwordless logins promised to free us from passwords, but Google and Apple ruined it for everyone.
The end of passwords
WhatsApp users can now log in to the messaging service without having to type or remember a password by using a passkey. Passkeys do away with passwords altogether and instead use your device itself to authenticate you. It’s a great, clever system that solves all the problems with passwords, with very few drawbacks. So what’s the big deal? Well, both Apple and Google have implemented passkeys as yet another way to lock down their users.
"Since then, Passkeys have been seen as a way to lock users and audiences into a platform. What better way to lock users into your platform in the long run than to lock all of their credentials into your platform, and better yet, credentials that cannot be extracted or exported in any way," writes William Brown, developer of webauthn-rs, on his blog.
Passwords are annoying and a huge security risk. They can be phished, guessed, stolen, or cracked, and if you use the same password for multiple services, you end up with multiple accounts compromised. The answer is to use a password manager to generate and store passwords, but even if your own “password hygiene” is perfect, you still have to trust the services you use them with to keep their end of the story safe.
