Passkey Support introduced for Web and Mobile applications

Starting from the last week AppMaster-generated applications support Passkey technology to securely authenticate users.

It’s based almost on the same approach that has been used in SSH authentication for decades - a pair of RSA/ECDSA keys (private and public). Most account hacks occur due to password leaks and users using the same passwords across different resources. Passkey completely eliminates such scenarios because only the public key is stored on the server - even if it leaks, it’s not a problem.

Passkey solves a whole bunch of problems: it stores keys at the operating system level (Win, Mac, Linux, Android/iOS), on a mobile device or on a hardware key, it’s impossible to intercept because the key information isn’t transmitted, it automatically checks that the domain matches (no more phishing!), and all this under the aegis of the FIDO alliance, which includes top tech companies.