Passkeys Promise a Password-Free Future but Are Becoming Walled Gardens

Passkeys were heralded as the key to a password-free future, offering a seamless and secure login experience. However, as Big Tech companies embrace this technology, there are growing concerns about how these passkeys are reinforcing the dominance of their ecosystems.

One of the pioneers of this technology, William Brown, a software engineer at SUSE Labs, has raised alarms about the direction in which passkeys are heading. Brown, who spearheaded the development of webauthn-rs — an open-source Rust library for implementing the WebAuthn standard — warns that the original vision of an open and accessible technology is being compromised.

Webauthn-rs was among the first libraries to enable the kind of authentication that passkeys represent. It has been integrated into projects like authenticator-rs, which is used in Firefox. Despite these advancements, Brown is disappointed with how the passkey ecosystem has evolved.

Over 150 platforms now support passkeys, including major names like WhatsApp, X (Twitter), TikTok, PlayStation, PayPal, Microsoft, Google, Apple, and Amazon. Passkeys utilize public key cryptography to create unique codes for each platform, stored and managed automatically on devices such as smartphones and PCs, allowing users to log in using facial recognition…