How AI Agents Will Break Passkeys — And 3 Ways To Fix Them
The world of online security is on the cusp of a significant transformation, with tech giants like Apple, Google, and Microsoft urging users to ditch traditional passwords in favor of passkeys. This shift is driven by the promise of enhanced security and reduced friction, as passkeys aim to eliminate the weaknesses associated with password-based authentication. By leveraging cryptography, passkeys provide a more robust and phishing-resistant way to verify user identities.
The Rise of Passkeys
Passkeys work by storing a public key on the server, while the user’s device holds the private key, typically secured with biometric authentication like Face ID or fingerprint recognition. When a user attempts to log in, their device signs a challenge with the private key, proving their identity. This approach closes a long-standing loophole exploited by attackers, providing mutual authentication and stronger security. However, this new paradigm also introduces a fresh set of challenges, particularly when it comes to autonomous AI agents.
The AI Conundrum
As AI agents become increasingly integrated into workflows, the limitations of passkeys become apparent. An agent has neither the biometric factor nor the personal device that passkey authentication is built around. To get past this, users may resort to proxying their credentials to AI agents, which undermines the security gains passkeys offer. The workaround creates a new category of risk: AI agents operate at machine speed and scale, and may replicate themselves or be impersonated by malicious actors.
Over-Permissioned by Design
The current design of passkeys can lead to over-permissioned accounts, where AI agents inherit all the privileges of the human account. This can result in unintended consequences, such as unauthorized transactions or access to sensitive records. To mitigate these risks, it is essential to develop new standards and infrastructure that account for the unique characteristics of AI agents. This may involve creating agent-specific identities with limited, auditable permissions, as well as intent-based authorization that considers the specific actions an agent is trying to perform.
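One way to picture the agent-specific identity and intent-based authorization described above, as an added Go example that is not from the article or from any passkey standard: the agent holds its own Ed25519 key instead of the owner's passkey, and the server checks a signature bound to the exact action against that agent's limits. The names `Agent`, `Intent`, `Enroll`, `Sign` and `Authorize`, the scope model and all sample values are assumptions made for illustration, and the server is assumed to issue and expire each challenge.

```go
package main
import (
	"crypto/ed25519"
	"fmt"
)

// Agent is a hypothetical server-side record for one agent identity.
type Agent struct {
	Owner    string            // human the agent acts for (audit attribution)
	Pub      ed25519.PublicKey // the agent's own key, not the owner's passkey
	Allowed  map[string]bool   // the only actions this agent may perform
	MaxCents int               // per-request ceiling
}

type Intent struct{ Action string; Cents int } // the specific action requested

// bind ties the one-time challenge to the agent and the exact intent.
func bind(challenge []byte, id string, in Intent) []byte {
	return []byte(fmt.Sprintf("%x|%s|%s|%d", challenge, id, in.Action, in.Cents))
}

// Enroll creates a demo agent with a fresh key pair and a fixed scope.
func Enroll(owner string, allowed map[string]bool, limit int) (Agent, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return Agent{owner, pub, allowed, limit}, priv
}

// Sign is the agent side: it signs the bound message with its own key.
func Sign(priv ed25519.PrivateKey, challenge []byte, id string, in Intent) []byte {
	return ed25519.Sign(priv, bind(challenge, id, in))
}

// Authorize verifies the signature, enforces the agent's limits, returns an audit line.
func Authorize(reg map[string]Agent, id string, challenge []byte, in Intent, sig []byte) (string, error) {
	a, ok := reg[id]
	if !ok || !ed25519.Verify(a.Pub, bind(challenge, id, in), sig) {
		return "", fmt.Errorf("unknown agent or bad signature")
	}
	if !a.Allowed[in.Action] || in.Cents < 0 || in.Cents > a.MaxCents {
		return "", fmt.Errorf("intent outside agent scope")
	}
	return fmt.Sprintf("agent=%s owner=%s action=%s cents=%d", id, a.Owner, in.Action, in.Cents), nil
}

func main() {
	a, priv := Enroll("alice", map[string]bool{"pay_invoice": true}, 5000) // constructed
	c, in := []byte("constructed-challenge"), Intent{"pay_invoice", 1200}
	fmt.Println(Authorize(map[string]Agent{"agent-1": a}, "agent-1", c, in, Sign(priv, c, "agent-1", in)))
}
```

Because the signature covers the action and amount, a signature captured for one request fails verification when presented with a different intent, and a validly signed request is still refused when it falls outside the agent's own scope.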
Implications for Enterprises
The stakes are high for businesses, as the integration of AI agents into workflows can introduce operational, compliance, and security risks. Outages caused by expired or mismanaged credentials can become more frequent, while regulators may expect audit trails that clearly attribute actions to specific agents. To address these challenges, organizations must develop policies that prevent uncontrolled credential sharing and track agent activity with the same rigor as human users.
A Path Forward
To fully realize the potential of passkeys and mitigate the risks associated with AI agents, the industry must adapt and evolve. This requires a fundamental shift in how we approach identity, accountability, and privilege in an AI-driven environment. By developing new standards, infrastructure, and governance models, we can create a more secure and robust authentication framework that accounts for the unique characteristics of AI agents. Only then can we ensure that the benefits of passkeys are not undermined by the very technologies they are designed to support.
