GitHub Goes Passwordless With Passkey Support in Public Beta

Highlights:

• GitHub’s passkey public beta aligns with the growing trend of companies moving away from passwords.
• Passkeys, combined with personal identification numbers or biometric authentication methods like fingerprints or facial recognition, enhance computer, phone, and tablet security.

GitHub, a well-known platform for hosting developer code repositories, recently revealed that it would make passwordless authentication support available in public beta, enabling users to upgrade their security keys to use passkeys instead of passwords.

Passkeys enable users to avoid using passwords, which are easily forgotten or stolen by a third party and then used to break into their accounts. Passkeys allow users to associate login information with specific devices or hardware keys.

Computers, phones, and tablets can be made more secure by using a passkey in addition to a personal identification number or biometric authentication method, like fingerprint or facial recognition.

Staff Product Manager at GitHub, Hirsch Singhal, wrote recently, “Unlike SMS and email, passkeys are unique per website, so they cannot be used to track a user’s activities across different sites. The best part is that passkeys bring us closer to realizing the vision of passwordless authentication — helping to eradicate password-based breaches altogether.”

With more businesses starting to use them, passwords are slowly moving away. GitHub’s public beta for passkeys is a part of this movement. Passkey developments, such as the ability to synchronize them across multiple devices, have been covered in detail by a leading media house. This enables users to use their smartphone or tablet as their passkey.

In May, Google LLC made passkey support available for user accounts, and in June, support for passwordless authentication was made available for both its Workspace productivity service and Google Cloud. PayPal Inc. and Apple Inc. later added passkey support and the password manager 1Password for their respective platforms. Microsoft Corp. followed in June with a sneak peek of built-in passkey support for Windows 11.

Passwords are to blame for more than 80% of all data breaches, claims the FIDO Alliance, a coalition of business interests working to improve authentication standards. Additionally, over 50% of users reuse the same passwords across multiple websites, increasing the risk of account compromise.

Additional security features, such as two-factor authentication, or 2FA, require users to log in with a password and a secondary form of authentication, such as an email or SMS code, which can reduce the likelihood of being hacked. As of March, all active developers using GitHub’s platform are required to use 2FA.

Passkeys can be enabled on GitHub by clicking the user’s profile picture in the top-right corner of the page, opening the “Feature Preview” menu, and selecting “Enable passkey.”