Dashlane's passkey support allows users to authenticate to their password vaults without a password. Credit: Matejmo / Getty Images Password management vendor Dashlane has announced the introduction of integrated passkey support in its password manager, unveiling an in-browser passkey solution to help tackle the issue of stolen/misused passwords. The launch comes as the “passwordless authentication” era edges closer with tech giants Apple, Google and Microsoft set to bring it to millions of smartphone and laptop users in accordance with recommendations from the Fast IDentity Online (FIDO) Alliance.Passkey support includes secure sharing, access control, multi-device sync capabilitiesIn a blog post, Dashlane wrote that the launch of passkey support in its password manager is the natural evolution of its offerings and is tied to its mission of making security simple for organizations and their people. “Today’s biggest security issue stems from stolen logins – over 80% of breaches occur as a result,” it added. Passwordless authentication takes a powerful step towards addressing this problem, it claimed.To be made available in the coming weeks, the Dashlane passkey solution will allow users to log in across all types of sites, including those that support new passwordless authentication and sites that require a password. “Users can store their passkeys for multiple sites and benefit from the same convenience and security they already have with their passwords. They’ll enjoy “automagically” logging in to sites, seamless operation across multiple platforms, and our patented zero-knowledge architecture, which means no one except the user can access their logins. (Not even Dashlane can access them.),” it added. They will also benefit from with secure sharing capabilities, access controls for businesses, multi-device sync, and multi-platform interoperability, Dashlane added. Forrester Vice President, Principal Analyst Andras Cser welcomes Dashlane’s introduction of integrated passkey support. “This gives better protection for the Dashlane password vault, and users can authenticate to the password vault with passwordless authentication. This is a great development,” he tells CSO. “However, backend applications to which Dashlane still manages passwords continue to be vulnerable to phishing and other password related attacks.” Related: How passkeys are changing authenticationPasswordless authentication edging closerIn March 2022, the FIDO Alliance published a report on its ongoing work towards making FIDO-based secure authentication technology the most dominant form of authentication on the internet, replacing passwords. It cited two areas of recent advancement – the use of smartphones as a roaming authenticator and multi-device FIDO credentials – as key to driving large-scale adoption of FIDO-based authentication in the near future. “This makes FIDO the first authentication technology that can match the ubiquity of passwords, without the inherent risks and phishability,” it said. Meanwhile leading tech companies look to expand support for a common passwordless sign-in standard by making smartphones and laptops passwordless authentication ready within the coming year. “The standards developed by the FIDO Alliance and World Wide Web Consortium and being led in practice by these innovative companies is the type of forward-leaning thinking that will ultimately keep the American people safer online,” Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), commented in May this year. “I applaud the commitment of our private sector partners to open standards that add flexibility for the service providers and a better user experience for customers.” Related content news analysis Microsoft fixes three zero-day vulnerabilities, two actively exploited The company’s Patch Tuesday includes fixes for flaws in Windows Desktop Window Manager, Windows MSHTML, and Visual Studio, among others, that IT security orgs should prioritize. By Lucian Constantin May 15, 2024 6 mins Windows Security Zero-day vulnerability brandpost Sponsored by Palo Alto Networks How you may be affected by the new proposed Critical Infrastructure Cyber Incident Reporting Rule The current cybersecurity regulatory landscape continues to evolve, and CIRCIA’s incident reporting requirements are just one of the many emerging regulations organizations will need to observe By Anand Oswal, Senior Vice President and GM of Network Security at Palo Alto Networks May 15, 2024 5 mins Security news Singing River ransomware attack now thought to have affected over 895,000 The health care provider has dramatically increased its estimate of the number of patients affected by the August 2023 attack. By Shweta Sharma May 15, 2024 4 mins Data Breach Ransomware brandpost Sponsored by Sans Institute Clock is ticking for companies to prepare for EU NIS2 Directive Many companies are still not ready for the impact of NIS2, but SANS can help them prepare. By Laura McEwan May 15, 2024 3 mins Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe