Passkeys: The Waterproof Defense Against Phishing Attacks
1 min read
Summary
The “Passkeys” is the latest authentication tech that could be a significant game-changer in the fight against phishing, according to numerous reports.
With current methods, MFA defences are ineffective due to increased sophistication of phishing and MitM (man-in-the-middle) attacks.
Stolen credentials are now the second most commonly observed initial infection vector, according to Mandiant’s 2025 report.
This is a bigger problem than email phishing, which remains high at 14%, but various methods can be used to obtain credentials.
Passkeys offer a completely waterproof solution according to experts, and works through biometric data stored in a trusted platform module (TPM) chip.
This is paired with a symmetric key stored on a secure server, meaning that even if biometric data is compromised, it is of no use without the symmetric key.