GitHub’s passkey rollout


It’s crucial to see organisations move towards a passwordless future. As we see the convergence of the digital and physical world, biometric verification is the only way to secure and protect users.

Passwords are now outdated. They can be stolen and leaked on the dark web to commit other crimes such as fraud and identity theft. Earlier this year, Google made a similar announcement – warning about the dangers of passwords and recognising the benefits of using biometrics.

Biometrics are linked to a user’s physical identity, which means they are much harder to steal compared to passwords. Therefore, security teams are able to quickly detect fraud, phishing and spoofing techniques, as they can more accurately identify and verify users.

As well as the security benefits for GitHub users, biometrics drastically improve the user experience. With biometric verification, users don’t have to remember dozens of passwords, reset them when they are forgotten or go through double authentication steps. Biometrics will verify and authenticate users within seconds, not leaving the user frustrated, which would be the case if a password was involved.

Whilst passkeys are a positive step forward, in order to make users even more secure, GitHub and other organisations should look towards more secure forms of biometrics such as voice verification and full-facial scans, which can combat threats such as deepfakes.