NCSC: Leave passwords in the past - passkeys are the future
Passkeys are the more secure and user-friendly login method and should be the default authentication option for consumers.
CSIRTS triage
- What
- Passkeys are recommended as a more secure login method.
- Who is affected
- Consumers and organizations using traditional password authentication.
- Urgency
- Transitioning to passkeys is important for improving security.
- Action
- Start implementing passkeys as the default authentication method.
AI-assisted analysis generated from the source advisory — verify against the original.
Details
Original advisory: https://www.ncsc.gov.uk/news/ncsc-leave-passwords-in-the-past-passkeys-are-the-future
Recent advisories for NCSC
A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.
- unknownNCSC-2026-0223 [1.00] [M/H] Vulnerabilities fixed in BeyondTrust Remote Support and Privileged Remote Accessncsc-nl · 2026-07-10
- unknownNCSC-2026-0222 [1.00] [M/H] Vulnerabilities fixed in GitLab Enterprise Edition and Community Editionncsc-nl · 2026-07-10
- unknownNCSC-2026-0221 [1.00] [M/H] Vulnerabilities fixed in UniFi products from Ubiquiti Networksncsc-nl · 2026-07-07
- unknownNCSC-2026-0220 [1.00] [M/H] Vulnerabilities fixed in Rancher by Rancher Labsncsc-nl · 2026-07-03
- unknownNCSC-2026-0219 [1.00] [M/H] Vulnerabilities fixed in GitHub Enterprise Serverncsc-nl · 2026-07-03
- unknownNCSC-2026-0218 [1.00] [M/H] Vulnerability fixed in Cisco Catalyst Centerncsc-nl · 2026-07-02
More from NCSC-UK Publications
- unknownCyber Essentials Pathways: from proof of concept to cyber confidence2026-07-09
- unknownCyber Shield: The path to an agentic AI future for cyber defence2026-07-07
- unknownBuilding more resilient CNI: what industry pen testers told us2026-07-01
- unknownThe AI shift in cyber risk: why leaders must act now2026-06-22
- unknownAlert: NCSC issues advice following global targeting of Fortinet firewalls and VPN gateways2026-06-18