Article Details
Scrape Timestamp (UTC): 2024-01-23 20:20:25.648
Original Article Text
Click to Toggle View
X adds passkeys support for iOS users in the United states. X, formerly Twitter, announced today that iOS users in the United States can now log into their accounts using passkeys. The passkeys will be linked to the iOS device they're generated on and will significantly reduce the risk of breaches by providing protection against phishing attacks and blocking unauthorized access attempts. They'll also enhance user experience and security by removing the need to memorize complex passwords. "A passkey serves as an online credential associated with your account. Instead of logging into your account with a username and password, your private passkey automatically authenticates your account using the server's public passkey, allowing you to log in without the need to type it in," support document on X's help center explains. "Passkeys sync across your iOS devices using iCloud Keychain. This synchronization ensures redundancy if you lose your device. If you lose all of your devices, passkeys can be recovered through iCloud keychain escrow." To add a passkey, you have to log into your account, click "Your account" in the navigation bar, go to "Settings and privacy," then click "Security and Account Access," then "Security." Under "Additional password protection," click "Passkey" and enter your password when prompted. Select "Add a passkey" and follow the prompts. After setting up a passkey linked to your iOS device, you can sign in without entering your password or using two-factor authentication (2FA). "Passkeys are constructed using public key cryptography from the WebAuthentication (or 'WebAuthn') standard. When you register an account, your device generates a unique key pair – one public and one private – for each account," X says. "The public key is shared and stored on X, while the private key remains on your device. Your passkey is never shared with X to ensure maximum security, and further reducing the likelihood of unauthorized account access." While X encourages all iOS users in the U.S. to use passkeys to boost their accounts' security, passkeys are not yet required for logging in. This announcement comes after multiple high-profile verified X accounts have been hijacked since the start of the year to push crypto drainers, including the U.S. Securities and Exchange Commission, cybersecurity firm Mandiantand CertiK, and companies like Netgear and Hyundai.
Daily Brief Summary
X, formerly known as Twitter, has rolled out the use of passkeys for iOS user logins in the United States.
Passkeys are designed to provide a more secure authentication method, protecting against phishing and unauthorized access by leveraging public key cryptography.
The new system does away with the need for passwords, reducing user burden and increasing security.
Passkeys will synchronize across iOS devices via iCloud Keychain, ensuring backup in case of a device loss and enabling recovery through iCloud Keychain escrow if all devices are lost.
Users can set up a passkey by accessing the security settings on their X account and following a guided process.
The move to implement passkeys comes in the wake of several high-profile account hijacks on X, aiming to enhance security and prevent similar incidents.
Although highly recommended, the use of passkeys by iOS users in the U.S. is optional and not mandatory at present.