UK NCSC Advises Public to Replace Passwords with Passkeys as Adoption Grows
UK NCSC drops password advice, Google notes 50%+ UK passkey adoption, and ‘123456’ stays the top password. What users should do next.
TL;DR
The UK’s National Cyber Security Centre says stop using passwords when passkeys are available, and Google reports over half of its UK users already have a passkey. The world’s most common password remains “123456”, underscoring the need for stronger login methods.
Context
The NCSC announced it will no longer recommend passwords where passkeys can be used. A passkey is a device‑based credential that authenticates login via biometrics or a PIN, making it resistant to phishing because the secret never leaves the user’s device.
Key Facts
- The NCSC’s guidance shifts from password‑first to passkey‑first for UK consumers. - Google reports that slightly more than 50 % of its UK users have registered a passkey. - Nordpass analysis finds “123456” remains the most common password worldwide.
What It Means
Consumers should enable passkeys on any service that offers them, typically found in account security settings. Keep device PINs private, even from family members, to prevent unauthorized biometric bypass.
If a passkey is not yet available, use a password that is long and random paired with two‑factor authentication and consider a password manager to generate and store credentials. Regularly update operating systems and apps, and scrutinize unexpected emails for phishing attempts.
What to watch next: Expansion of passkey support across major platforms and any forthcoming UK government guidance on credential‑based authentication.
Continue reading
More in this thread
Aptica Releases SMB Cybersecurity Guide Amid 88% Ransomware Share in Small Business Breaches
Peter Olaleru
ShinyHunters Claims Massive Carnival Data Leak While Company Cites Single‑User Phishing
Peter Olaleru
Carnival Faces 7.5 Million Email Leak Claim Amid ShinyHunters Extortion Dispute
Peter Olaleru
Conversation
Reader notes
Loading comments...