Overview
- World Password Day coverage Thursday spotlights a pivot to passkeys, a passwordless login that uses a private key on your device to prove you are you.
- Heise and other outlets report that more services and major password managers now let people create passkeys and sync them across phones and computers.
- Experts urge turning on multi-factor authentication and prefer authenticator apps, since attackers can trick users in real time to steal SMS or email codes.
- New advice prioritizes length over clever character mixes for any remaining passwords, with about 16 characters seen as a safe target and numeric PINs needing roughly 16 digits to hold up.
- Readers are urged to run a breach check with tools like Have I Been Pwned and replace any weak, reused, or exposed logins right away.