Why Passkeys are the Future of Accessible Authentication

Whether it is online shopping or navigating a street – these are things that sighted people do daily without needing any assistance. For me, I must rely on technology to assist me. Think about how you would read a menu as a visually impaired person?

So when authentication using passkeys came along, needless to say, I was all-in as I could see the difference it would make.

The History of Authentication

Before I discuss how passkeys work and my experience, I feel it is worth giving the reader an explanation as to how authentication used to work as a blind person.

When I started using computers in the early to mid 90s’, the only way one could keep track of passwords, assuming you couldn’t remember all of them was either using voice notes or writing them down in Braille.

Needless to say both of these mechanisms have obvious disadvantages:

• Using voice notes provides the opportunity for other people to overhear passwords, compromising any accounts for which this password is used.
• Braille is bulky with material taking up an extra 50 percent of space compared to the print equivalent. As well as this, paper is wasted, with the use of potentially only 1 or 2 lines on an A4 page needed to hold each username and password combination.

Given these disadvantages I hope you can see how better solutions were needed.

Password Managers and Biometrics

Fast-forward a few years and two major Breakthru’s occurred; both of which would help the visually impaired as well as other persons with disabilities manage passwords

Touch ID

The first one was curtesy of Apple when they introduced Touch Id in 2012. This meant visually impaired users could both unlock their phones and login to applications using a fingerprint. This technology was improved further when in 2015 Microsoft introduced Windows Hello. In 2017, Face ID was introduced, making the process of authentication even easier on both desktop and mobile platforms.

Password Manager

Whilst the password manager has been around in some form since 1997, they really didn’t gain prevalence until well in to the 21st century. In essence, a password manager securely stores passwords and other ancillary information either locally or using the cloud. This was a game-changer, as in most cases you were required to only memorise a master password, letting the password manager take care of either filling in or, better still generating passwords on your behalf.

As well as this, if your password manager of choice provided cloud synchronisation, your account details were now available across all of your devices. This was particularly useful for those of us who have devices from different manufacturers.

The Problems With Password Managers & Face ID

Whilst the password manager and Face ID were both welcome improvements, two issues still remained.

The first surrounded the accessibility and potential usability of password managers. As technology pushes forward, we can sometimes get in to situations where developers, usually through no fault of there own, will write software that is inaccessible. The problem with this is, given how prevalent a password manager is, if it were to be unusable for any reason, you lose the ability to login to a website (or application) and will probably not be aware of the user name and password combination you are suppose to use. After all, this is one of the unique selling points of a password manager in the first place.

Face ID suffers from the fact that as a visually impaired person, you may not know where a devices camera is located and may require extra guidance when using this system. Apple has thought about this and through VoiceOver gives guidance during setup as well as a specific mode for visually impaired users. Whilst this is welcome, it is not something that is industry standard, so the effectiveness of facial recognition with other manufacturers devices and platforms may very.

Removing The Need For Passwords

In 2015, the Fido Alliance developed the Fido2 protocol. This, along with the Client to Authenticator Protocol were the real driving forces around the effort to remove the need to use a password. Whilst protocols are good, it is only within the last couple of years that websites such as Microsoft, Google and Facebook have started to implement this technology.

To use this technology, you either require a device with some form of biometric authentication, such as a laptop with a fingerprint reader, or a phone with Face or Touch Id. External security keys also exist from manufacturers such as Yubikey and Thales.

The Advantages of Passkeys For Someone With A Visual Impairment

As someone who relies on both speech and Braille to use a computer, the advantages of authentication that only uses biometrics cannot be overstated.

Given that passkeys are mainly used within the web browser and all access technologies provide excellent support for this environment, it makes the process of both creating and registering a pass key very simple.

All of the process will occur in the web browser, apart from situations where you need to unlock your password manager. Assuming you have set up Windows Hello to work with your password manager of choice, the master password will only be needed once, usually the first time you attempt to login to an application or website.

After you have generated a passkey, you can view and manage these in your password manager of choice. 1Password, Bitwarden and Google’s own password manager built in to Chrome are all accessible, so we are now only limited by the number of sites that offer this functionality. The good news is this is increasing all the time.

The ideal future for this technology is that it would be available everywhere and a standard part of any identity and access management system.