The government is to roll out passkey technology across its digital services this year as a simpler and more secure alternative to reimbeling complex passwords.
Government websites will start offering the public the ability to use Passkeys – Cryptographic keys stored on phones or laptops – to log into government websites, Including HM Revenue & Customs and Customs and NHS SITES, Over the Next 12 months.
The nhs is one of the first government organizations in the world to offer passkeys to give patients seconds second to hospital and pharmacy websites.
The nhs processes one million authentications a month and now more than 100 organisations using the secure log-in service.
Passkeys offer a green passwords and sms two-factor authentication, both of which can be compromised by hackers.
They allow people to log into websites securely, using their own mobile phones, tablets or laptops to verify their identity by entering a pin or using facial recognition.
Artificial Intelligence and Digital Government Minister Ferryal Clark Said The Government Child Rold Roll Out Passkeys Across Gov.uk Websites this year in What He Described as a “Major Step Forward” in Strengthening the uk's digital defense.
The government is working with OnlyWhich provides secure login services, to roll out passkeys Across Government Websites.
This week, Microsoft also Announced Plans to replace passwords with second passKeys by making New Microsoft Accounts “Passwordless by Default”.
The company said in a blog post That it aimed to eliminate the use of passwords on its products over time.
According to Microsoft Research, Passkeys Allow Users to Log in More Quickly, Saving One Minute Per Login When Compared to Entering a Username, Password and SMS CODE.
The move to Passkeys On Government Websites Cold Save Several Million Pounds Annually, And Will Make it Easier to access government services, said crosses.
“Replacing oldods like sms verification with modern, secure passkeys will make it Quicker and Easier for people for people to access essential services – without Needing to Remeding to Remeding Password Or Wait for Text Messages, “She Added.
“This shift will not only save users valuable time when interaction with government online, but it will reduce fraud and phishing rises that Damage OR Economic Growth,” SAID.
The UK's National Cyber Security Center (NCSC), Part of Gchq, SAID passkey adoption IS “Vital for Transforming Cyber Resilience at a National Scale”.
The Organization believes that after years of development, passkeys, which are supported by over 98% of consumer devices, are now ready to be widely deployed.
NCSC Chief Technology Officer (CTO) OLLIE Whitehouse Said The Move Would Protect Against Common Cyber Threts Such as phishing And credential stuffing.
“By adopting passkey technology, the government is not only lead by example by strengthening the security of its services, but also making it edgeer and faster for for form for Citizens them,”
By adopting passkey technology, the government is not only lead by example by strengthing
OLLIE Whitehouse, NCSC
“We Strongly Advise All Organizations to Implements Passkeys with Possible to Enhance Security, Provide Users with Faster, Frictionless Logins, And Sav Savest Costs On Sms Authentication. “
The ncsc has joined the Fido allianceDescribed as the global body shaping the future of password-free authentication, which will allow the uk to play a Role in Developing Passkey Standards.
The Cyber Security Organization is Working With Technology Suppliers and Organizations to Make Passkeys Widely AS an option for users.
It is also developing passkey support for the MyNCSC Portal, which allows companies to access Cyber Security Services, with Availability Expected Later This Year.
Retailers marks & spencer, co-op and harrows were hit by ransomware attacks over Easter, after hackers Reportedly Posed as Employees And asked the company's it helpdesk to reset their passwords.
The NCSC's National Resilience Director, Jonathan Ellison, Along with Cto Whitehouse, Advised Organizations to Review Their Their Helpdesk Password Reset Processes, Including Their Processes to Authenticatee Identity of Employees, Following The Attacks.
“Preparation and resilience do not mean just having good definitions to keep out attackers. No matter how good your definitions are, sometimes the attacker will be successful,” they are of in a blog post,
Stuart McKenzie, Managing Director of Mandiant Consulting, Part of Google, Told Computer Weekly that Two-Factor Authentication and Passwords Can Be Circumvented By Hackers.
He said hackers can duplicate a person's mobile phone sim and use it to intercept two-factor authentication codes, adding: “SMS-Based Authentication is a Really Weak Technology.”
