BSI recommends the use of passkeys
The BSI recommends the use of passkeys. A survey shows that there is room for improvement in terms of awareness and distribution.
(Image: Bild erstellt mit KI in Bing Designer durch heise online / dmk)
The German Federal Office for Information Security (BSI) recommends the use of passkeys and has commissioned a survey among consumers on the subject of passkeys to obtain a picture of the situation. It showed a positive user response, but also a need to catch up in terms of awareness.
Germany's highest IT security authority discusses the fact that stolen or guessed passwords enable identity theft from consumers or even access to company networks. Username-password combinations are therefore now considered insecure, while two-factor authentication can provide some mitigation, but is perceived by many as cumbersome. The BSI sees passkeys as the solution to the problem, as they offer a significantly higher level of security than conventional methods.
Survey shows low awareness and need for education
Of those surveyed, 38 percent were familiar with the term passkeys. However, only 18 percent actually use them. Of those who already use passkeys, 72 percent have a high or very high level of trust in the process. Those who use it also like it: they rate the uncomplicated setup, quick login and high user-friendliness positively, the BSI summarizes the survey results on its website.
Videos by heise
According to the survey, the option to use passkeys is "difficult for consumers to recognize and is therefore often confused with other procedures", writes the BSI. Providers therefore need to provide better information and education about this.
The President of the BSI, Claudia Plattner, said: "We need to make cyber security as simple as possible and robust at the same time. Passkeys are a perfect example of how technical solutions can be used to meet technical challenges. The future belongs to them."
Overall, 44% of respondents were skeptical about the use of passkeys, with concerns being expressed primarily about security and complexity. Many stated that although they were interested in IT topics, they were not yet sufficiently informed about the subject to justify the use of passkeys. Others stated that they would wait for new technical developments until other consumers and experts had tested them out and made explicit recommendations for use. With the explicit recommendation, the BSI may now have given the go-ahead for wider distribution.
c't explains how passkeys actually work. It also recently shed light on how to choose the right key management system for passkeys.
The BSI commissioned the survey from INFO GmbH Markt- und Meinungsforschung. It was conducted as an online survey among 1519 people from an online access panel, the size of which remains unknown. The results are therefore representative of the German population to a limited extent. However, the results were "weighted to be representative of the population" according to the characteristics of age, gender, education, household size and place of residence. The survey period was March 26 to April 3, 2024.
(dmk)
