Every password story ends the same way: somebody was holding your secret somewhere, and they lost it.
Pick any year you like. In the beginning it sat in a plain text file on a shared machine, and all it took was asking the system to print it. In 1979, Morris and Thompson wrote up how to salt the hash and make computing it expensive, so that a stolen list didn’t instantly become a list of passwords — an enormous improvement. Then came the composition rules that had us all bolting a symbol onto the end. But the shape of the problem didn’t budge an inch in all that time: there is a secret, you know it, the server can check it, and therefore the server has something to lose.
Everything we’ve done since has been about making that secret longer, weirder, saltier, slower to crack. Nobody asked the question that comes before all that: what if there were no shared secret at all?
1976 the idea that a secret can have two halves
In 1976, Whitfield Diffie and Martin Hellman published New Directions in Cryptography. The idea was almost insulting in its simplicity: a key can be split into two pieces that aren’t interchangeable. One you hand out to anyone who asks; the other never leaves the house. What you sign with the private half is verified with the public half, but the public half can’t sign a thing.
Read that again with a server in mind: the site no longer needs to keep anything that can be used to get in. Only the half that opens nothing.
That it took the better part of fifty years for this to reach your bank’s login screen doesn’t say much for our industry. Client certificates existed and they worked; what didn’t exist was a way to use them that didn’t require a graduate degree. The cryptography was solved. The usability wasn’t.
2013 for once, somebody agrees on something
The FIDO Alliance was founded in 2013, an industry consortium with a stated and not especially modest goal: reduce the world’s reliance on passwords. What mattered wasn’t the technology — that part was already done — but getting device makers, browsers and services around one table to agree on a single protocol. It sounds like committee work and it was exactly what was missing: an authentication mechanism that only works in one browser with one service isn’t a mechanism, it’s a demo.
2019 the browser learns cryptography
In March 2019, WebAuthn became a W3C Recommendation. In plain English: any web page could now ask the browser — through a standard API, no plugins, no drivers — to generate a key pair and sign with it.
The flow, stripped of decoration, goes like this. When you register, your device creates a fresh key pair specific to that site. It sends the public half. It keeps the private half, held by the device itself and protected by your fingerprint, your face or its PIN. When you come back, the site sends a random challenge, your device signs it, and the site checks the signature against the public key it already had.
Notice what doesn’t happen: no secret travels anywhere. The server never had your private key, so it can’t lose it. If its entire database leaks tomorrow, what walks out the door is a list of public keys — roughly as valuable as stealing a phone book. No hashes to run through a GPU, no dictionary to try. It isn’t that it’s hard: it’s that there’s nothing there worth having.
The side effect is bigger than the idea
When your device creates that key pair, it binds it to the domain. The key it
saved for yourbank.com is only ever offered to yourbank.com. This isn’t a
policy, or a warning, or a red banner in the address bar: the key for
yourbank-security.com simply doesn’t exist. The browser can’t find it because it
was never created.
This kills phishing. Not reduces it — leaves it without a mechanism. The entire phishing business rests on the fact that you can type your password into the wrong site, and we’ve spent years trying to patch that with user training and awareness campaigns. All of it treated the symptom. Your eye can be fooled by a lookalike URL; your phone can’t. It doesn’t read. It compares strings.
It takes reuse down with it, which was the other cardinal sin. Every site gets its own key pair. There’s nothing to reuse even if you wanted to.
2022 the big three sign a peace treaty
In May 2022, Apple, Google and Microsoft jointly announced that they would expand support for FIDO credentials — passkeys — across their platforms and browsers.
That’s what turned this from a technical footnote into something you can explain to your mother. Until then, WebAuthn nearly always meant a physical USB key: excellent, and used by about three people. A passkey lives where your phone already is — in your hand — and unlocks with your face.
What it doesn’t fix
Now the small print, because the industry is going to spend the next few years pretending it isn’t there.
Recovery is still the soft spot. The hole hasn’t gone away: it’s moved. Lose the device and somebody has to decide that you’re you, and that decision is nearly always made over email, over SMS, or by talking to a human in a call centre. That human is exactly the same target they always were. You’ve armoured the front door and the back one is right where you left it.
Syncing ties you to an ecosystem. Passkeys are convenient because your platform replicates them across your devices. Which is another way of saying your keys live on one particular company’s keyring. Getting out isn’t impossible, but it isn’t a button either. You traded the problem of remembering for the problem of belonging.
And you still need a way in when you lose the phone. Which in practice means almost no site has actually removed the password: it has tucked it behind a “trouble signing in?” link. As long as that link exists, the password exists, and it’s as bad as it ever was. The chain breaks at the weakest method you’ll accept, not the most elegant one you offer.
What to do in the meantime
Turn on passkeys wherever they’re offered, and start with whatever hurts most if it falls: your email, your bank, the account you use to log into everything else. It’s one of the few security improvements that also saves you work.
And don’t kid yourself: you’ll be living with passwords for years yet, if only as a plan B. Make them long, make them different everywhere, and keep them in a manager. If you want one that never leaves your head, use the generator; if you want to know whether the one you’ve got holds up at all, run it through the checker.
The old sentry’s question — are you one of us? — finally has a different answer. For decades we answered by saying a word that could be overheard. Now we answer with a signature only your device can produce, without the word ever coming into existence. It’s the first time we’ve changed the question instead of the word.
Sources: W. Diffie and M. Hellman, “New Directions in Cryptography”, IEEE Transactions on Information Theory, 1976 · R. Morris and K. Thompson, “Password Security: A Case History”, Communications of the ACM, 1979 · FIDO Alliance, founded in 2013 · “Web Authentication: An API for accessing Public Key Credentials”, W3C Recommendation, March 2019 · joint announcement by Apple, Google and Microsoft on passkey support, May 2022.