The idea that passwords may soon become obsolete is gaining traction, with the National Cyber Security Centre (NCSC) in the UK urging users to move toward more secure alternatives known as passkeys. According to the agency, traditional passwords—long considered the first line of defense for online accounts—are increasingly vulnerable to modern hacking techniques, making them less reliable in today’s digital environment.
Over the past decade, reports of cybercriminals successfully cracking passwords have become commonplace. Hackers employ a wide range of methods, from phishing scams to brute-force attacks, to gain unauthorized access to personal and corporate accounts. The risk has grown even more significant as major tech companies such as Google, Microsoft, and Amazon have popularized single sign-on systems. While convenient, these systems can amplify the damage if a single password is compromised, potentially granting access to multiple services at once.
In response, the NCSC is strongly encouraging users to adopt passkeys, a newer authentication method designed to eliminate the need for passwords altogether. Passkeys rely on cryptographic technology, often tied to a user’s device, making them significantly more resistant to phishing and other sophisticated cyberattacks. Unlike passwords, which can be guessed or stolen, passkeys are much harder for attackers to intercept or replicate.
Passkeys are not just a theoretical solution—they are already being implemented in critical sectors. For example, the UK’s National Health Service (NHS) has begun using passkey-based systems to help secure sensitive patient data. These systems are often combined with multi-factor authentication (MFA), adding an extra layer of protection and ensuring that confidential information remains safe from unauthorized access.
Adoption is also growing among major technology platforms. Google has reported that roughly half of its users in Britain have already transitioned to passkeys. Other companies, including eBay, PayPal, and Microsoft, are following suit by integrating passkey support into their services. The appeal is clear: passkeys are easier to use, eliminate the need to remember complex passwords, and significantly reduce the risk of account breaches.
Speaking at the CYBERUK conference, Jonathan Ellison, Director of National Resilience at the NCSC, emphasized that the future of digital security may depend on how quickly users adopt this new technology. He highlighted that with the rise of advanced threats—including those powered by artificial intelligence—stronger authentication methods like passkeys are becoming essential. Ultimately, widespread adoption could play a crucial role in safeguarding personal and national data in an increasingly connected world.
Join our LinkedIn group Information Security Community!
