- The German government wants to make Passkeys its main method of authentication
- Passkeys claims are more secure, easy to use and resistant to phishing attempts
- The busy familiarity is still quite low, admitted Germany (in 2024)
The German government has set up plans to replace passkeys passwords as the main authentication method, the latter being considered more secure, phishing and user -friendly.
An BSI (Germany Federal Office for Information Security) advertisement was completed by directive projects (BSI TR-03188), detailing how Passkeys compares a public key stored on the website with a private key stored on the user’s device.
Passkeys keys linked to the device (stored locally and linked to a device) and the Synchronized Passkeys keys (stored in a encrypted cloud for multi-apparents) were both considered as acceptable authentication methods.
Germany wants to standardize the use of the key key
Because Passkeys is specific to the account, they cannot be reused on several sites, instantly increasing security. Despite best practices, it is a fact that many of us always use the same passwords on several accounts for ease. But being stored on the device or in the cloud means that users will not need to remember Passkeys for each account.
Passkeys is also resistant to human attacks in the middle and phishing attempts, as they require that the private key of a user is used from an approved device.
“We have to make cybersecurity as simple as possible and at the same time robust. Passkkeys are a perfect example of how to meet technical challenges with technical solutions. The future belongs to them,” said BSI president, Claudia Plattner (translated).
However, BSI recognizes that there is a long way to go. A 2024 report revealed that only 38% knew Passkeys and that the adoption was 18%. There is also the fact that Passkeys was slow to take off, with few websites offering the possibility of generating a connection based on Passkey at the start.
Today, however, the German government is not the only organization to recognize the advantages.
In May 2025, Microsoft said that it would make all the new default accounts by default by default – this should also extend to existing accounts.
