GitHub Embraces Device-Linked Passkeys for a More Secure User Experience.

Reading Time: ( Word Count: )

September 22, 2023

GitHub has today announced the widespread availability of passkeys across its platform, offering an enhanced security layer against phishing while promoting passwordless logins for every user.

These passkeys are device-specific, meaning they’re tied to individual devices like PCs, tablets, or phones. This ensures added security, dramatically reducing data breach risks by defending against phishing and halting unauthorized logins.

One of the significant benefits of passkeys is their ability to grant users access to various apps and online services using unique identification methods such as PINs, fingerprints, and facial scans. Furthermore, the introduction of passkeys eradicates the stress of recalling and juggling multiple passwords for different platforms and services.

July saw the inaugural introduction of the passkey feature by GitHub, marking the onset of their public beta phase of passwordless authentication.

Also Read: T-Mobile App Glitch Exposes User Data: Data Privacy Concerns Arise

GitHub Embraces Device-Linked Passkeys

GitHub’s Staff Product Manager, Hirsch Singhal, commented this Thursday, “With the beta release of passkeys in July, it’s been embraced by tens of thousands of developers. Today, every user can harness the power of passkeys to safeguard their accounts.”

He further emphasized, “We’re steadfast in our mission to equip every contributor with 2FA by 2023’s end, bolstering platform security without hindering user experience.”

To activate one or several passkeys, navigate to your account’s security preferences and select the “Add a passkey” feature. For those who’ve set up security keys earlier, an “Upgrade” option might appear if they’re passkey-compatible.

This development follows suit with industry giants Apple, Google, and Microsoft, all of whom have been championing better passkey integration on their respective platforms.

Microsoft shared its plans to permit users to securely access apps and websites with passkeys stored on mobile devices. This feature will roll out with the September 26 Windows 11 22H2 update.

Similarly, Google revealed its strategy to let Chrome 118 users on iOS log into websites using passkeys generated on their devices and synced through iCloud keychain on their Mac systems.

Today’s revelation from GitHub also recalls its previous move to mandate two-factor authentication (2FA) for all engaged developers since March 13. GitHub has consistently elevated its account security, introducing features like sign-in notifications 2FA and halting the use of compromised passwords.

Saher Mahmood

Saher Mahmood


Saher is a cybersecurity researcher with a passion for innovative technology and AI. She explores the intersection of AI and cybersecurity to stay ahead of evolving threats.

Other interesting articles

Automated vs Manual Penetration Testing

Automated vs Manual Penetration Testing

Pentesting is largely divided into two methodologies: Automated vs Manual Penetration Testing. Both have ...
8 Steps in Penetration Testing You Should Know

8 Steps in Penetration Testing You Should Know

Mastering the art of penetration testing has become a critical ability for security experts to combat cyber ...
Spear Phishing vs Whaling: What is the Difference

Spear Phishing vs Whaling: What is the Difference

Spear phishing is a particularly devious type of phishing assault in which the individual targeted plays a ...
How Often Should Penetration Testing Be Done

How Often Should Penetration Testing Be Done

Penetration testing is a crucial technique that involves simulating a cyberattack on networks, computer systems, ...

Submit a Comment

Your email address will not be published. Required fields are marked *