The National Cyber ​​Security Center (NCSC), the British government's technical supervisory agency for cyber security, affiliated with the British Government Communications Headquarters (GCHQ), recently updated its official guidance and officially recommended that consumers give priority to "Passkeys" (Passkeys) rather than traditional passwords as the preferred login method for various digital services. This statement was announced last Thursday, marking an important change in the British official's stance on identity verification technology.

According to the report, the reason why NCSC clearly supports the pass key this time is closely related to the progress of related technologies and ecological environment in the past year. Just last year, although the NCSC had paid attention to this plan, it did not officially endorse it at that time because there were still several key obstacles in implementation. Now, as the relevant supporting capabilities are gradually improved, NCSC believes that the pass key is ready to be promoted to the public, and positions it as a more secure and user-friendly login method. At the same time, the agency also called on companies to make passkeys the default authentication option for consumers.

When talking about this change, NCSC National Resilience Director Jonathan Ellison said that the use of pass keys when conditions permit is an important step towards a "more secure and simplified" login experience. He pointed out that users have long struggled with remembering and managing passwords, and as users gradually turn to pass keys, such problems are no longer an inescapable part of the network login process. Ellison also emphasized that pass keys are not only easier to use, but also bring greater overall security resilience; in the context of the UK's desire to massively improve national cyber defense capabilities, promoting pass keys will become a practical measure for the public to improve the security of daily digital services and respond to modern and future cyber threats.

From a practical application perspective, although pass keys are officially recognized as a stronger security solution for the general public, their current popularity is still far less than that of traditional passwords, and it is difficult to completely replace them in the short term. For websites and online services that do not yet support passkeys, official recommendations at this stage still include using a password manager to generate strong passwords and enabling two-factor authentication to improve account security.

In addition, the British government stated last year that it would gradually introduce pass keys in its digital public services as an alternative to the SMS verification code verification mechanism. The British side estimates that this adjustment will save millions of pounds every year in the future.