1
00:00:00,000 --> 00:00:13,240
[Music]

2
00:00:13,240 --> 00:00:14,800
Welcome back.

3
00:00:14,800 --> 00:00:17,760
If this is your first time joining us,

4
00:00:17,760 --> 00:00:20,080
earlier episodes this season

5
00:00:20,080 --> 00:00:22,640
build a helpful foundation,

6
00:00:22,640 --> 00:00:25,400
especially our recent conversations

7
00:00:25,400 --> 00:00:29,520
about digital identity and passwords.

8
00:00:29,520 --> 00:00:31,280
But wherever you start from,

9
00:00:31,280 --> 00:00:33,280
you're very welcome here.

10
00:00:33,280 --> 00:00:36,200
Today's episode is called "Passkeys"

11
00:00:36,200 --> 00:00:39,400
and the future of logins.

12
00:00:39,400 --> 00:00:42,280
Welcome back to Quietly Secure.

13
00:00:42,280 --> 00:00:45,560
The podcast about digital privacy,

14
00:00:45,560 --> 00:00:47,240
personal security,

15
00:00:47,240 --> 00:00:51,720
and staying informed without getting overwhelmed.

16
00:00:51,720 --> 00:00:55,440
In the last episode we talked about passwords,

17
00:00:55,440 --> 00:00:57,600
why they were created,

18
00:00:57,600 --> 00:01:00,040
and why they failed so often,

19
00:01:00,040 --> 00:01:03,560
and how modern security already relies

20
00:01:03,560 --> 00:01:07,600
on more than just something you remember.

21
00:01:07,600 --> 00:01:11,440
And that naturally leads to a question.

22
00:01:11,440 --> 00:01:15,240
If passwords are such a fragile system,

23
00:01:15,240 --> 00:01:17,920
why are they still everywhere?

24
00:01:17,920 --> 00:01:21,800
And more importantly, what comes next?

25
00:01:21,800 --> 00:01:25,240
You may already be seeing new options when you sign in.

26
00:01:25,240 --> 00:01:26,960
Use your phone,

27
00:01:26,960 --> 00:01:29,240
sign in with Face ID,

28
00:01:29,240 --> 00:01:31,440
create a passkey.

29
00:01:31,440 --> 00:01:33,880
Some people love this shift.

30
00:01:33,880 --> 00:01:36,080
Others feel uneasy,

31
00:01:36,080 --> 00:01:39,560
as if control is being taken away.

32
00:01:39,560 --> 00:01:42,200
So today, we're slowing down

33
00:01:42,200 --> 00:01:46,440
and looking at what passkeys actually are.

34
00:01:46,440 --> 00:01:49,360
Why the industry is moving towards them,

35
00:01:49,360 --> 00:01:52,160
and whether they really make you safer?

36
00:01:53,200 --> 00:01:56,880
Passwords were designed for a very different internet.

37
00:01:56,880 --> 00:02:02,120
A time when people had a handful of accounts,

38
00:02:02,120 --> 00:02:04,400
used one computer,

39
00:02:04,400 --> 00:02:07,200
and threats were relatively simple.

40
00:02:07,200 --> 00:02:13,240
Today, passwords struggle because humans are involved.

41
00:02:13,240 --> 00:02:15,160
We reuse them,

42
00:02:15,160 --> 00:02:16,800
we forget them,

43
00:02:16,800 --> 00:02:20,040
we choose memorable ones instead of strong ones.

44
00:02:20,920 --> 00:02:25,920
And attackers don't guess passwords one person at a time anymore.

45
00:02:25,920 --> 00:02:30,480
They automate the process at a massive scale.

46
00:02:30,480 --> 00:02:34,680
Over time, come to realize something important.

47
00:02:34,680 --> 00:02:38,720
The weakest part of passwords isn't encryption.

48
00:02:38,720 --> 00:02:39,800
It's memory.

49
00:02:39,800 --> 00:02:45,520
So instead of trying to make humans better at remembering secrets,

50
00:02:45,520 --> 00:02:49,000
the industry began asking a different question.

51
00:02:50,080 --> 00:02:54,040
What if devices could handle authentication instead?

52
00:02:54,040 --> 00:02:57,960
That led to the idea of passkeys.

53
00:02:57,960 --> 00:03:00,440
Despite the name,

54
00:03:00,440 --> 00:03:04,520
a passkey isn't really a password replacement you type.

55
00:03:04,520 --> 00:03:07,640
It's closer to a digital key pair.

56
00:03:07,640 --> 00:03:10,560
When you create a passkey,

57
00:03:10,560 --> 00:03:14,080
your device generates two linked pieces.

58
00:03:14,080 --> 00:03:16,640
One stays safe on your device,

59
00:03:16,640 --> 00:03:20,680
and the other goes to the service that you're logging into.

60
00:03:20,680 --> 00:03:22,960
The important part is this,

61
00:03:22,960 --> 00:03:26,680
the secret part never leaves your device.

62
00:03:26,680 --> 00:03:30,240
When you sign in later, your phone or computer

63
00:03:30,240 --> 00:03:32,160
proves it has the key.

64
00:03:32,160 --> 00:03:35,720
Usually after confirming it really is you using

65
00:03:35,720 --> 00:03:39,880
a fingerprint, a face scan, or a device PIN.

66
00:03:39,880 --> 00:03:43,440
No password to type, nothing to reuse,

67
00:03:43,440 --> 00:03:48,440
nothing meaningful for attackers to steal from a database breach.

68
00:03:48,440 --> 00:03:52,160
Even if a website is compromised,

69
00:03:52,160 --> 00:03:55,200
there's no reusable secret exposed.

70
00:03:55,200 --> 00:04:00,240
And because the passkey is tied to the real website,

71
00:04:00,240 --> 00:04:02,320
fake login pages,

72
00:04:02,320 --> 00:04:04,080
phishing sites,

73
00:04:04,080 --> 00:04:06,160
largely stop working.

74
00:04:06,160 --> 00:04:12,040
The system simply refuses to authenticate to the wrong place.

75
00:04:13,040 --> 00:04:16,640
If passkeys are safer,

76
00:04:16,640 --> 00:04:20,080
why do some people feel uneasy about them?

77
00:04:20,080 --> 00:04:24,840
Well, that's mostly because they change where trust lives.

78
00:04:24,840 --> 00:04:28,640
Passwords feel personal.

79
00:04:28,640 --> 00:04:31,000
You know them, you carry them in your head.

80
00:04:31,000 --> 00:04:35,200
Passkeys move that responsibility to devices

81
00:04:35,200 --> 00:04:37,520
and operating systems.

82
00:04:37,520 --> 00:04:41,080
They can feel like you're losing control.

83
00:04:41,080 --> 00:04:46,080
But in reality, most people were already trusting devices,

84
00:04:46,080 --> 00:04:50,960
password managers, saved logins, autofill systems.

85
00:04:50,960 --> 00:04:54,040
Passkeys just formalize something

86
00:04:54,040 --> 00:04:58,400
that was already happening and make it harder to misuse.

87
00:04:58,400 --> 00:05:02,880
The goal isn't to remove your control.

88
00:05:02,880 --> 00:05:06,880
It's to remove opportunities for attackers.

89
00:05:08,760 --> 00:05:12,720
Passkeys dramatically reduce certain risks

90
00:05:12,720 --> 00:05:16,320
to help prevent password reuse attacks,

91
00:05:16,320 --> 00:05:21,080
large-scale credential leaks, many phishing attempts.

92
00:05:21,080 --> 00:05:24,320
But they don't solve everything.

93
00:05:24,320 --> 00:05:28,360
If someone gains access to your unlocked device,

94
00:05:28,360 --> 00:05:30,840
they may still access accounts.

95
00:05:30,840 --> 00:05:36,040
Scams that convince you to approve actions still work.

96
00:05:36,920 --> 00:05:40,080
And account recovery still matters.

97
00:05:40,080 --> 00:05:43,440
Sometimes even more than before.

98
00:05:43,440 --> 00:05:45,720
Security never disappears.

99
00:05:45,720 --> 00:05:47,000
It just shifts.

100
00:05:47,000 --> 00:05:51,280
Passkeys remove one category of problem,

101
00:05:51,280 --> 00:05:54,400
but awareness and habits still matter.

102
00:05:54,400 --> 00:05:57,720
Should you use passkeys?

103
00:05:57,720 --> 00:06:02,720
For most people, the answer is yes, gradually.

104
00:06:02,720 --> 00:06:06,360
You don't need to switch everything overnight.

105
00:06:06,360 --> 00:06:08,960
A calm approach works best.

106
00:06:08,960 --> 00:06:13,840
Start with major accounts, email, cloud storage,

107
00:06:13,840 --> 00:06:16,840
primary services tied to your identity.

108
00:06:16,840 --> 00:06:20,000
Make sure your devices are protected

109
00:06:20,000 --> 00:06:23,160
with a strong PIN or biometric lock.

110
00:06:23,160 --> 00:06:29,080
And understand that convenience here is not a weakness.

111
00:06:29,080 --> 00:06:32,920
In this case, easier often means safer

112
00:06:33,920 --> 00:06:36,960
because systems that reduce friction

113
00:06:36,960 --> 00:06:40,440
are systems people actually use correctly.

114
00:06:40,440 --> 00:06:46,640
Passkeys aren't disappearing tomorrow,

115
00:06:46,640 --> 00:06:49,040
but their role is changing.

116
00:06:49,040 --> 00:06:54,040
The future of logging in isn't about remembering more secrets.

117
00:06:54,040 --> 00:06:59,040
It's about proving identity, quietly, in the background,

118
00:06:59,040 --> 00:07:02,920
and using devices that already know it's you.

119
00:07:03,880 --> 00:07:07,560
Security is slowly becoming less visible,

120
00:07:07,560 --> 00:07:09,880
not because risks are gone,

121
00:07:09,880 --> 00:07:13,360
but because good design hides complexity.

122
00:07:13,360 --> 00:07:18,200
In the next episode, we'll step back from technology itself

123
00:07:18,200 --> 00:07:21,200
and talk about something even more powerful.

124
00:07:21,200 --> 00:07:23,560
Security habits.

125
00:07:23,560 --> 00:07:28,200
The small behaviors that protect you long after tools

126
00:07:28,200 --> 00:07:29,720
and trends change.

127
00:07:30,360 --> 00:07:34,520
Until then, stay curious, stay calm,

128
00:07:34,520 --> 00:07:37,240
and stay quietly secure.

129
00:07:37,240 --> 00:07:47,240
[MUSIC]


